e0e5b6bd452cda57e220b56414d6c757_JaffaCakes118

General

Target

e0e5b6bd452cda57e220b56414d6c757_JaffaCakes118
Size

181KB
MD5

e0e5b6bd452cda57e220b56414d6c757
SHA1

2b906007bdd2a8625bf4e2c219a3cc824606ba67
SHA256

b495ec893449a90135781bc73e854a43598d5e4d10c72e53633e8e3faf423f93
SHA512

ad84e3dad928e93edebc0c8d9bfe379e656a8131d46fbd33bd2889a3400dcaa7d63e3445aca0d8fe332a6aea48814b5da19c785ee7a2658da93dd81278634707
SSDEEP

3072:fLaN43+0yH/U7fsD+mIzjHxPtPSR45Umi0QxGEvzdVjZgpn3LvSWCC8MWi:fLaAy8og9xco6xGKBxZyjSWCYWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0e5b6bd452cda57e220b56414d6c757_JaffaCakes118

Files

e0e5b6bd452cda57e220b56414d6c757_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffd4a784856e7427707632833d4171ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

NdrConformantArrayFree
UuidCreate

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

kernel32

ReadFile
MultiByteToWideChar
GetAtomNameW
WriteFile
FindFirstFileW
FreeLibrary
WaitForSingleObject
MulDiv
WritePrivateProfileStringW
GetWindowsDirectoryW
GetProcAddress
GetModuleHandleW
EnumResourceNamesW
GetPrivateProfileStringW
DeleteFileW
GetExitCodeProcess
WaitCommEvent
GlobalAlloc
FindClose
LoadLibraryExW
FindNextFileW
SetFilePointer
GlobalFree

setupapi

SetupDiCallClassInstaller
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceInstallParamsA
SetupDiCreateDeviceInfoA
SetupDiGetClassDescriptionW
SetupDiEnumDeviceInfo
SetupCloseInfFile
SetupDiCreateDeviceInfoList
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyW
SetupDiClassGuidsFromNameW
SetupDiGetDeviceInstanceIdW
SetupGetLineTextA
SetupDiGetClassDevsA
SetupDiBuildClassInfoList
SetupDiClassNameFromGuidW
SetupDiGetClassDevsW
SetupDiSetDeviceRegistryPropertyW
SetupCopyOEMInfW
SetupOpenInfFileA
SetupDiGetDeviceRegistryPropertyA
SetupGetInfFileListA
SetupDiDeleteDeviceInfo
SetupDiSetClassInstallParamsW
CM_Get_DevNode_Status

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffd4a784856e7427707632833d4171ff

Headers

File Characteristics

Imports

rpcrt4

mprapi

kernel32

setupapi

newdev

iphlpapi

Sections

.text Size: 94KB - Virtual size: 94KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 83KB - Virtual size: 82KB

.reloc Size: 1024B - Virtual size: 264KB

.text
Size: 94KB - Virtual size: 94KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 83KB - Virtual size: 82KB

.reloc
Size: 1024B - Virtual size: 264KB