JaffaCakes118_0fc2b98cfb24bbfbbdfdb5b5977eda66

General

Target

JaffaCakes118_0fc2b98cfb24bbfbbdfdb5b5977eda66
Size

281KB
MD5

0fc2b98cfb24bbfbbdfdb5b5977eda66
SHA1

fa0aae2db8b9df67aa72687e9f6d6299723404e9
SHA256

7f3ad22dc3f87ef66820073e19ba18b4a5c7bebe116064357925e1fd086d8046
SHA512

ca33e8282df8cc25613123ad9c00eb963eef855faeab1c012d75dad038fce3b278767d9df4a31f9411b3e02636535722e26835ff2303650647e0dabe95652e57
SSDEEP

6144:FrItOCOnuagl3h/KZVLi9adKAjgta1Bc2jA1TFdPYT:PNuaMcow1gKFyTP8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_0fc2b98cfb24bbfbbdfdb5b5977eda66

Files

JaffaCakes118_0fc2b98cfb24bbfbbdfdb5b5977eda66
.exe windows:4 windows x86 arch:x86

7de75ea0e5e2d00827f86284515c59fa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyWindow
IsWindow
SendMessageA
GetDlgItem
EnumChildWindows
CreateWindowExW
GetWindowThreadProcessId

iphlpapi

GetIpAddrTable

kernel32

UnhandledExceptionFilter
VirtualAlloc
GetOEMCP
InterlockedExchange
HeapSize
AddAtomA
SetLastError
TlsAlloc
GetCurrentProcess
HeapDestroy
GetStdHandle
GetSystemInfo
VirtualFree
GetModuleFileNameA
SetEndOfFile
GetCPInfo
HeapCreate
QueryPerformanceCounter
EnumResourceLanguagesA
TlsSetValue
IsBadWritePtr
GetEnvironmentStrings
GetLocaleInfoA
TerminateProcess
GetFileType
FreeEnvironmentStringsA
GetACP
TlsFree
GetNumberFormatW
GetVersionExA
TlsGetValue
FreeEnvironmentStringsW
GetCurrentProcessId
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetStartupInfoA
VirtualQuery
WriteFile
SetHandleCount
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW

setupapi

CM_Get_Parent
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

newdev

UpdateDriverForPlugAndPlayDevicesW

Sections

.text
Size: 143KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7de75ea0e5e2d00827f86284515c59fa

Headers

File Characteristics

Imports

user32

iphlpapi

kernel32

shell32

setupapi

mprapi

newdev

Sections

.text Size: 143KB - Virtual size: 278KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 135KB - Virtual size: 134KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 143KB - Virtual size: 278KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 135KB - Virtual size: 134KB

.rsrc
Size: 512B - Virtual size: 4KB