f0f0d787dc559f8fc5b11507f8e58677_JaffaCakes118

General

Target

f0f0d787dc559f8fc5b11507f8e58677_JaffaCakes118
Size

283KB
MD5

f0f0d787dc559f8fc5b11507f8e58677
SHA1

9d2abb6b2f0c1bdb7434a116c4ad2b17b129459a
SHA256

4cbcfef8e11b00d2fbf32d6f1a47055d0ba0ef59b11409a1545e27bff375769a
SHA512

625c4084610b832a056deb2b6d86eeb7587884b083db8a3a56a068f129405b0741e3ad43cc5a0b18f30ae166382ded7ecd120cd61069c4b7e2b2556f43a4178a
SSDEEP

6144:7yBYvQ6xuIO/taCnq0A8RPAAiwv1MSAAI0R/WPa3YdX9vHj4Si:2BYvrQIO/tS3Wiwv1MRAI0pWPaIBxDpi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0f0d787dc559f8fc5b11507f8e58677_JaffaCakes118

Files

f0f0d787dc559f8fc5b11507f8e58677_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bdfdd122e81227bb9996ecd0c4f9e51e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetIpAddrTable

user32

CreateWindowExW
DestroyWindow
GetDlgItem
EnumChildWindows
IsWindow
SendMessageA
GetWindowThreadProcessId

setupapi

CM_Get_Parent
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

VirtualFree
AddAtomA
VirtualQuery
SetLastError
GetStdHandle
GetSystemInfo
QueryPerformanceCounter
TlsFree
GetModuleFileNameA
HeapDestroy
UnhandledExceptionFilter
InterlockedExchange
GetVersionExA
GetEnvironmentStrings
GetOEMCP
HeapCreate
IsBadWritePtr
GetLocaleInfoA
EnumResourceLanguagesA
TlsSetValue
FreeEnvironmentStringsA
HeapSize
SetEndOfFile
VirtualAlloc
WriteFile
SetHandleCount
TerminateProcess
GetEnvironmentStringsW
lstrcpynW
TlsGetValue
GetCurrentProcess
GetStartupInfoA
GetSystemTimeAsFileTime
GetCPInfo
GetFileType
GetACP
FreeEnvironmentStringsW
TlsAlloc
GetCurrentProcessId
SetUnhandledExceptionFilter

Sections

.text
Size: 144KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bdfdd122e81227bb9996ecd0c4f9e51e

Headers

File Characteristics

Imports

iphlpapi

user32

setupapi

shell32

mprapi

newdev

kernel32

Sections

.text Size: 144KB - Virtual size: 276KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 135KB - Virtual size: 135KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 276KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 135KB - Virtual size: 135KB

.rsrc
Size: 512B - Virtual size: 4KB