f29a65b25ce1588b4ee40e476459a5c6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f29a65b25ce1588b4ee40e476459a5c6_JaffaCakes118
Size

152KB
MD5

f29a65b25ce1588b4ee40e476459a5c6
SHA1

aba3ae5cf8b3ae19fc129a1dee77a94781bd23c4
SHA256

b8d0db94e958f8b2e8e9414288f921343eb22e8a55745a9d3e239e8cb911ad03
SHA512

3e9f385c359dde56f6f297c4b262d709f6081560a197cb50d1b1c461f097dfae836bcdf46aca78e3f211282807f1fdc11052392499fe811cee2efab71105f28b
SSDEEP

3072:deEUsYUcW1TR4dKjB4MTE+j2Jj1OQYeM4iOHakSf4YlGL1y8GP:d2ETR4G+cJMj1keMx8aDf47G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f29a65b25ce1588b4ee40e476459a5c6_JaffaCakes118

Files

f29a65b25ce1588b4ee40e476459a5c6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f874205e107a7285d2b5c4349920148b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\sample\install\Release\install.pdb

Imports

kernel32

lstrlenA
lstrcmpiA
GetVersion
LocalFree
lstrcpynA
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalFree
SetLastError
CreateEventA
WaitForSingleObject
SetThreadPriority
ResumeThread
GetCurrentThreadId
SetEvent
SuspendThread
GetLastError
InterlockedDecrement
InterlockedIncrement
GetModuleFileNameA
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrcmpA
GetProcAddress
GetModuleHandleA
lstrcmpW
lstrcatA
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GlobalFlags
lstrcpyA
GetCPInfo
GetOEMCP
FlushFileBuffers
GetCurrentProcess
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitThread
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CreateThread
FindFirstFileA
DeleteFileA
SetFilePointer
WriteFile
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetTempPathA
FindResourceA
LoadResource
LockResource
SizeofResource
Sleep
GetExitCodeThread
TerminateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
RaiseException
InterlockedExchange

user32

GetDlgItem
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassInfoExA
GetClassLongA
GetCapture
WinHelpA
RegisterWindowMessageA
SetWindowTextA
DestroyMenu
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetTopWindow
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetWindowTextA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
SetWindowsHookExA
CallNextHookEx
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
CharLowerA
PostMessageA
LoadIconA
UpdateWindow
ShowWindow
CreateWindowExA
SendMessageA
MessageBoxA
SetTimer
KillTimer
DefWindowProcA
PostQuitMessage
EndPaint
BeginPaint
RegisterClassExA
LoadCursorA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
LoadStringA
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetFocus
GetSystemMetrics

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

ord17

wininet

InternetSetOptionA
InternetOpenA
InternetOpenUrlA
HttpQueryInfoA
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable

ws2_32

WSACleanup
WSAStartup

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

CreateBitmap
GetStockObject
ScaleViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
SaveDC
RestoreDC
DeleteDC
SetTextColor
SetMapMode
GetClipBox
DeleteObject
SetBkColor
PtVisible
RectVisible
TextOutA
ExtTextOutA
SetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
GetDeviceCaps

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f874205e107a7285d2b5c4349920148b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

comctl32

wininet

ws2_32

oleacc

gdi32

winspool.drv

oleaut32

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 8KB - Virtual size: 22KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 8KB - Virtual size: 22KB

.rsrc
Size: 28KB - Virtual size: 25KB