JaffaCakes118_e23dc3a1f8c8825beb26da84155d95a5

General

Target

JaffaCakes118_e23dc3a1f8c8825beb26da84155d95a5
Size

174KB
MD5

e23dc3a1f8c8825beb26da84155d95a5
SHA1

5c5747be237baad84de70ba1be201d475126b0e0
SHA256

6f6fdec642ec337eeec0531766855e454f3ecc71167b80502938e403ef4433ac
SHA512

0f19304f095720144747a6187a86c2bc1060eed667c4a0bcb31db6bf96fdfb93e886119b303c88d80ce7e55e3838e02f64f1365bae1ead19f26607d9952a384a
SSDEEP

3072:UrfYzwsdSeS76dcTCJucnLn3i7NLJiRZEKSnbh8TNsWX+HA4yqm:5zwj77zaS71M2nKsWXrp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e23dc3a1f8c8825beb26da84155d95a5

Files

JaffaCakes118_e23dc3a1f8c8825beb26da84155d95a5
.exe windows:4 windows x86 arch:x86

9625fc18b73cf89b5543912d965b99fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Global_State
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shell32

SHGetFolderPathW

newdev

UpdateDriverForPlugAndPlayDevicesW

user32

IsWindow
DestroyWindow
EnumChildWindows
GetDlgItem
CreateWindowExW
SendMessageA
GetWindowThreadProcessId

kernel32

TerminateProcess
SetEndOfFile
SetHandleCount
GetModuleFileNameA
GetSystemInfo
AddAtomA
GetVersionExA
TlsAlloc
QueryPerformanceCounter
GetLocaleInfoA
GetCurrentProcessId
GetEnvironmentStrings
HeapDestroy
VirtualFree
IsBadWritePtr
GetCurrentProcess
TlsFree
SetLastError
HeapSize
VirtualQuery
GetEnvironmentStringsW
EnumResourceNamesW
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
GetFileType
lstrcatW
GetACP
TlsSetValue
GetCPInfo
GetStartupInfoA
InterlockedExchange
HeapCreate
WriteFile
TlsGetValue
GetStdHandle
GetOEMCP
UnhandledExceptionFilter
VirtualAlloc
FreeEnvironmentStringsW
SetUnhandledExceptionFilter

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

iphlpapi

GetIpAddrTable

Sections

.text
Size: 86KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9625fc18b73cf89b5543912d965b99fb

Headers

File Characteristics

Imports

setupapi

shell32

newdev

user32

kernel32

mprapi

iphlpapi

Sections

.text Size: 86KB - Virtual size: 241KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 84KB - Virtual size: 84KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 86KB - Virtual size: 241KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 84KB - Virtual size: 84KB

.rsrc
Size: 512B - Virtual size: 4KB