JaffaCakes118_cc1e4f25332b5c25e6542bdb0c360623

General

Target

JaffaCakes118_cc1e4f25332b5c25e6542bdb0c360623
Size

177KB
MD5

cc1e4f25332b5c25e6542bdb0c360623
SHA1

3a21c7b92ab34efd3378121c34e36ca3a355d5af
SHA256

1985eedd9c2ea987f4fabed9c91886f1db7ab47007bdc3323382a83ea36b12b9
SHA512

348d57d920d6418c8506c0a8f1a877f13cf3300f42624f707580faca8ea73caef6225556ced2ea97d3ac5ed39341ebd943251c3374541d8e1d976d56ab0dd94b
SSDEEP

3072:pHNcIPMhL3lidh0FQzZdrhoslmqCt7Hzh8Ovr9pYPaQqn24f7OMcg:ptdPMZKhuQldh/BCxek92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_cc1e4f25332b5c25e6542bdb0c360623

Files

JaffaCakes118_cc1e4f25332b5c25e6542bdb0c360623
.exe windows:4 windows x86 arch:x86

8d2d98b89a6e052785fe233b2097442f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

user32

DestroyWindow
SendMessageA
EnumChildWindows
GetDlgItem
CreateWindowExW
IsWindow
GetWindowThreadProcessId

iphlpapi

GetIpAddrTable

shell32

SHGetFolderPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

kernel32

InterlockedExchange
HeapDestroy
AddAtomA
FreeEnvironmentStringsW
SetHandleCount
GetOEMCP
TerminateProcess
GetACP
TlsSetValue
TlsFree
GetModuleFileNameA
GetCPInfo
FreeEnvironmentStringsA
TlsGetValue
GetCurrentProcess
HeapSize
GetFileType
IsBadWritePtr
GetCurrentProcessId
EnumResourceNamesW
GetSystemInfo
SetEndOfFile
GetStartupInfoA
VirtualFree
GetVersionExA
lstrcatW
QueryPerformanceCounter
TlsAlloc
GetEnvironmentStringsW
UnhandledExceptionFilter
HeapCreate
WriteFile
SetLastError
GetSystemTimeAsFileTime
GetStdHandle
VirtualQuery
VirtualAlloc
GetLocaleInfoA
GetEnvironmentStrings
SetUnhandledExceptionFilter

Sections

.text
Size: 88KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d2d98b89a6e052785fe233b2097442f

Headers

File Characteristics

Imports

setupapi

user32

iphlpapi

shell32

mprapi

newdev

kernel32

Sections

.text Size: 88KB - Virtual size: 240KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 240KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 512B - Virtual size: 4KB