ee314beed37dd444c4a6b1c5f6de4487_JaffaCakes118

General

Target

ee314beed37dd444c4a6b1c5f6de4487_JaffaCakes118
Size

169KB
MD5

ee314beed37dd444c4a6b1c5f6de4487
SHA1

17787582760b4522cc92ac218df3c3774a5b38cc
SHA256

192b3c07d7331b338bc400ca0b8c12dfea74fed83363992a801e6d0e1654884a
SHA512

3d6ae0cf2ba47e9d7b40a5ebc2df1f0394094ce1906875365978e16f885fbb1a18e6ad018b380b08bc47636677a8b311f74ebf1f50aa87cf662862bb5038d64a
SSDEEP

3072:ZYGy9/koA4KzZRZtDb6n7MckPJHgqH9OZxG8YT1jKbvwuCXhgbGtV4tNIHlol49b:WGyNkhfHDEGxgrxpYTNLGtNIul49qSMQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee314beed37dd444c4a6b1c5f6de4487_JaffaCakes118

Files

ee314beed37dd444c4a6b1c5f6de4487_JaffaCakes118
.exe windows:4 windows x86 arch:x86

717cca396c6459df943334b992b50608

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

kernel32

SetThreadPriority
VirtualAlloc
IsBadReadPtr
GetCurrentProcessId
CreateMutexA
GlobalAlloc
Sleep
LockResource
AddAtomA
GetModuleFileNameW
LeaveCriticalSection
EnterCriticalSection
CreateFileW
CreateSemaphoreA
InterlockedIncrement
LoadLibraryA
GetSystemTime
GetProcAddress
WaitForMultipleObjects
GetModuleFileNameA
LoadResource
GetProcessHeap
IsBadWritePtr
VirtualFree
ResetEvent
LoadLibraryW
ReleaseSemaphore
EnumResourceTypesW
GetThreadPriority
TerminateThread
QueryPerformanceCounter
GetSystemInfo
HeapFree
GetCurrentThreadId
GetGeoInfoA
GetExitCodeThread
GetLastError
ReleaseMutex
MultiByteToWideChar
InterlockedDecrement
GetTickCount
FreeLibrary
lstrlenA
FindResourceA
WideCharToMultiByte
GetCurrentThread
DisableThreadLibraryCalls
ExitProcess

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

shlwapi

StrCmpNIA
StrStrA

setupapi

CM_Get_Sibling
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 86KB - Virtual size: 485KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

717cca396c6459df943334b992b50608

Headers

File Characteristics

Imports

shell32

kernel32

newdev

iphlpapi

shlwapi

setupapi

Sections

.text Size: 86KB - Virtual size: 485KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 80KB - Virtual size: 79KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 485KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 80KB - Virtual size: 79KB

.rsrc
Size: 512B - Virtual size: 4KB