f29be55be76ca46deedca1025bfe3a94_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f29be55be76ca46deedca1025bfe3a94_JaffaCakes118
Size

135KB
MD5

f29be55be76ca46deedca1025bfe3a94
SHA1

9cec917b2041542fac311da0aeeaa678f48c9199
SHA256

786f96ccdaa25c6c9e6b4878c721de3ea5ea88e220242a51206ca49b3978ed7e
SHA512

f7f5d9e41c0e9519f15fb92da23efbb4eed0ec7934496c63458171b147207270eac36fc474bf47d374c75ed7ad313632b80a4d3f8c2b936606ea6ecf884e8937
SSDEEP

3072:8wHezQ9vPw6nEC1fIhcT7kWyM2wk4/yx+rDa:FzFGcTd6wJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f29be55be76ca46deedca1025bfe3a94_JaffaCakes118

Files

f29be55be76ca46deedca1025bfe3a94_JaffaCakes118
.exe windows:5 windows x86 arch:x86

25308472ed10a2161e829c4a104c00c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy

shlwapi

StrDupW
StrCmpNA
ord155
SHRegGetPathW
SHRegEnumUSKeyA
StrFormatByteSizeA

shell32

ord103
SHGetFolderPathA

kernel32

LoadLibraryA
GetSystemInfo
lstrcmpiW
lstrcatW
GetTempPathA
GetFileSize
SearchPathW
SetFilePointer
PeekNamedPipe
SetEndOfFile
GetProcAddress
SetFileShortNameW
CopyFileW
HeapDestroy
GetNamedPipeInfo
GetBinaryTypeW
FindClose
_hwrite
GlobalMemoryStatusEx
WaitForMultipleObjects
GetThreadPriority
WaitCommEvent
GetCurrentThreadId
ReleaseMutex
FindAtomW
lstrcpyA
lstrcmpiA
GetSystemTimeAdjustment
GetModuleHandleW
FindResourceA
LocalFileTimeToFileTime
FileTimeToSystemTime
FormatMessageW
_lcreat
DosDateTimeToFileTime
FileTimeToDosDateTime
FindResourceExW

user32

RemovePropW
EnumPropsW
EndPaint
GetWindow
SetWindowPos
CreateIconFromResource
CharUpperBuffA
IsCharAlphaNumericW
CharUpperA
MapDialogRect
SetActiveWindow
PrivateExtractIconsW
SetWindowPlacement
DeleteMenu
InvalidateRgn
SendMessageA
GetMenuItemInfoW
BeginPaint
TranslateMessage
LockWindowUpdate
GetCursorInfo
SetPropA
SetScrollPos
PeekMessageA
ReleaseDC
TranslateAcceleratorA
GetWindowRgn
LoadAcceleratorsA
SetWindowTextW
LoadCursorFromFileA
GetDC
GetDesktopWindow
PostMessageW
GetPropW
DispatchMessageA

gdi32

UpdateColors
SetTextCharacterExtra
OffsetClipRgn
AngleArc
SetBkColor
LineTo
Polyline
GetSystemPaletteEntries
GetTextExtentPointA
CreateScalableFontResourceA
SetBoundsRect
DeleteDC
ExcludeClipRect
CreateDCW
GetCharWidthW
CreateCompatibleBitmap
GetBitmapBits

advapi32

IsValidSid
EqualSid
PrivilegedServiceAuditAlarmA
ObjectCloseAuditAlarmW
EqualPrefixSid

Exports

Exports

_Copy_Bmp@12
_Create_Bmp@12
_Set_Bmp@12
_Update_Bmp@12

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vars
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

IMPORT
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 686B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

25308472ed10a2161e829c4a104c00c0

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 8KB

.code Size: 4KB - Virtual size: 3KB

.data Size: - Virtual size: 160B

.vars Size: 512B - Virtual size: 404B

.zero Size: 512B - Virtual size: 512B

IMPORT Size: 3KB - Virtual size: 3KB

.rsrc Size: 116KB - Virtual size: 115KB

.reloc Size: 1024B - Virtual size: 686B

.text
Size: 9KB - Virtual size: 8KB

.code
Size: 4KB - Virtual size: 3KB

.data
Size: - Virtual size: 160B

.vars
Size: 512B - Virtual size: 404B

.zero
Size: 512B - Virtual size: 512B

IMPORT
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 116KB - Virtual size: 115KB

.reloc
Size: 1024B - Virtual size: 686B