fd35548796ef4e78062730e50848638f_JaffaCakes118

General

Target

fd35548796ef4e78062730e50848638f_JaffaCakes118
Size

262KB
MD5

fd35548796ef4e78062730e50848638f
SHA1

4809070e7f7d7e2bd5f3c47a69204b2e383d24dc
SHA256

e12c6c0720f37fde339f3eaf42f3212d0e9696c19b6505a5ba94ab539273ae59
SHA512

e3964953cce06557734d933031640c97782b09d6e1e8858d112449fbeba8aae8ef9ae1b58efde06d2ee206f64009fb6b5f2e62b45e13b8fab900dfba123f6143
SSDEEP

6144:4jensF1EqO+JtFFvXdpO/iyYxiS3+J+jnCEGskKS:4jesF1Y+RFXdpO/iykJjnCEpS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd35548796ef4e78062730e50848638f_JaffaCakes118

Files

fd35548796ef4e78062730e50848638f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3037a25abff9cf92a4f7737165d86682

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFolderPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

DestroyWindow
IsWindow
GetDlgItem
SendMessageA
CreateWindowExW
EnumChildWindows
GetWindowThreadProcessId

kernel32

AddAtomA
SetLastError
TerminateProcess
GetFileType
HeapCreate
GetSystemTimeAsFileTime
InterlockedExchange
FreeEnvironmentStringsW
GetEnvironmentStringsW
VirtualFree
GetLocaleInfoA
GetOEMCP
UnhandledExceptionFilter
HeapSize
VirtualAlloc
GetStartupInfoA
GetCurrentProcessId
GetVersionExA
IsBadWritePtr
EnumResourceNamesW
GetCPInfo
GetStdHandle
FreeEnvironmentStringsA
TlsGetValue
TlsAlloc
SetHandleCount
lstrcatW
TlsFree
GetModuleFileNameA
WriteFile
VirtualQuery
HeapDestroy
TlsSetValue
QueryPerformanceCounter
GetEnvironmentStrings
SetEndOfFile
GetSystemInfo
GetCurrentProcess
GetACP
SetUnhandledExceptionFilter

iphlpapi

GetIpAddrTable

Sections

.text
Size: 126KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3037a25abff9cf92a4f7737165d86682

Headers

File Characteristics

Imports

shell32

mprapi

newdev

setupapi

user32

kernel32

iphlpapi

Sections

.text Size: 126KB - Virtual size: 273KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 133KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 126KB - Virtual size: 273KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 133KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB