e77b16918e4c32f4d8fdd1fce0a33b65_JaffaCakes118

General

Target

e77b16918e4c32f4d8fdd1fce0a33b65_JaffaCakes118
Size

178KB
MD5

e77b16918e4c32f4d8fdd1fce0a33b65
SHA1

9a5c501771ceb7219a9885a9890f48865603d2a4
SHA256

b2342931a413fadbc60bcd00d9add49bebbf147ab3bb305a80d8eb6169d549f4
SHA512

d11a6501bc583d74c7439a962b2f561e5103ba2f0f38e6edb88a16b7608cbbc356c050a57a33cbea0e7eb89539849d86f3b1bc111afc1ddcc27d9bf2a24f63dd
SSDEEP

3072:pajLOPuOHlI1DN/+VNJCZIkmI7CEJgDbovVbg+bDSd:wjiPupDN/YCWkVCDotU1d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e77b16918e4c32f4d8fdd1fce0a33b65_JaffaCakes118

Files

e77b16918e4c32f4d8fdd1fce0a33b65_JaffaCakes118
.exe windows:4 windows x86 arch:x86

642cdc1ad28d7a9f910ab578cc1c1c9f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStrings
UnhandledExceptionFilter
GetStdHandle
AddAtomA
GetCurrentProcess
GetCPInfo
VirtualQuery
HeapDestroy
GetLocaleInfoA
IsBadWritePtr
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetLastError
FreeEnvironmentStringsA
HeapCreate
EnumResourceLanguagesA
GetVersionExA
TlsFree
GetEnvironmentStringsW
GetCurrentProcessId
TlsAlloc
GetFileType
SetHandleCount
GetDiskFreeSpaceW
VirtualAlloc
VirtualFree
GetSystemInfo
GetACP
GetStartupInfoA
GetModuleFileNameA
TlsGetValue
SetEndOfFile
TlsSetValue
HeapSize
InterlockedExchange
FreeEnvironmentStringsW
TerminateProcess
GetOEMCP
SetUnhandledExceptionFilter

iphlpapi

GetIpAddrTable

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

newdev

UpdateDriverForPlugAndPlayDevicesW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

GetDlgItem
DestroyWindow
EnumChildWindows
SendMessageA
CreateWindowExW
IsWindow
GetWindowThreadProcessId

shell32

SHGetFolderPathW

Sections

.text
Size: 88KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

642cdc1ad28d7a9f910ab578cc1c1c9f

Headers

File Characteristics

Imports

kernel32

iphlpapi

setupapi

newdev

mprapi

user32

shell32

Sections

.text Size: 88KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 512B - Virtual size: 4KB