JaffaCakes118_4308be7ca53eaeb21e61bb1f087951b3

General

Target

JaffaCakes118_4308be7ca53eaeb21e61bb1f087951b3
Size

177KB
MD5

4308be7ca53eaeb21e61bb1f087951b3
SHA1

a0ad592c2099ae4b1ae73f00a3f8a0ca8094ae90
SHA256

2b9f6fa900c4270da970a4fd2c6f9a9a44b9d7f1d24b673f8e45fb53a36a461b
SHA512

8e5bc86b1916b7f1f5bca12411c6d863ea543d70d219b7e9ce7881c28ca3332e3517fb0911d0c7602215d8509b621fefbdafa5104a61219fb580658fb96622bc
SSDEEP

3072:kVATXvSDuU9v1/7Dr59+l/Yj1gYQQvlmBcjb3+NkgNH+k6c3MckyYKrqn:kVAeCM9n59+pYjhtIBcjb3+KgNLRMckd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_4308be7ca53eaeb21e61bb1f087951b3

Files

JaffaCakes118_4308be7ca53eaeb21e61bb1f087951b3
.exe windows:4 windows x86 arch:x86

840e27d26d5f30566d2276b488a070d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

iphlpapi

GetIpAddrTable

kernel32

GetCurrentProcess
TlsFree
TerminateProcess
AddAtomA
GetSystemTimeAsFileTime
GetOEMCP
GetStdHandle
GetEnvironmentStringsW
TlsGetValue
UnhandledExceptionFilter
HeapSize
TlsSetValue
GetCurrentProcessId
TlsAlloc
HeapDestroy
GetSystemInfo
SetLastError
GetFileType
EnumResourceNamesW
WriteFile
GetLocaleInfoA
GetModuleFileNameA
GetCPInfo
VirtualAlloc
lstrcatW
SetEndOfFile
FreeEnvironmentStringsW
VirtualQuery
GetStartupInfoA
GetEnvironmentStrings
InterlockedExchange
IsBadWritePtr
VirtualFree
GetVersionExA
GetACP
SetHandleCount
QueryPerformanceCounter
HeapCreate
FreeEnvironmentStringsA
SetUnhandledExceptionFilter

user32

CreateWindowExW
SendMessageA
GetDlgItem
DestroyWindow
IsWindow
EnumChildWindows
GetWindowThreadProcessId

Sections

.text
Size: 87KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

840e27d26d5f30566d2276b488a070d1

Headers

File Characteristics

Imports

mprapi

setupapi

shell32

newdev

iphlpapi

kernel32

user32

Sections

.text Size: 87KB - Virtual size: 242KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 87KB - Virtual size: 242KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 512B - Virtual size: 4KB