29243a37184f8fb0cd70192f2e8917b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29243a37184f8fb0cd70192f2e8917b2_JaffaCakes118
Size

128KB
MD5

29243a37184f8fb0cd70192f2e8917b2
SHA1

4f5b953e23335b1d619b9a1f8c9e34a0f4dcb22b
SHA256

d5860f9d4c533bd7c0fa41b8305a9c7f52605c7f8f301230b6bd53eaa1056358
SHA512

758e0efe65c5fb0aaa9dd07132c892dc43834d7b8a0156a57b2dd75217eb2f9999ccc18f4a3d80a7699fdb0a66a297960df4ef309e7112539eb60b3720ffc327
SSDEEP

3072:mYRGKqIVwvhoL59217xZHNaeb87iQMOWM6fewHy:J77LH2ZbythxRyy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29243a37184f8fb0cd70192f2e8917b2_JaffaCakes118

Files

29243a37184f8fb0cd70192f2e8917b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

047e06717dd52ff91416a508c77a4a89

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ReplyMessage
OpenIcon
WindowFromPoint

kernel32

GetUserDefaultLangID
LockResource
CopyFileA
GetPrivateProfileIntA
SetFileAttributesA
GetPrivateProfileStringA
lstrlenA
ExitProcess
GlobalLock
GetVersionExA
GetAtomNameA
SetEvent
AddAtomA
lstrlenW
OpenEventA
Sleep
GlobalUnlock
RemoveDirectoryA
SetLastError
LoadResource
GetCommandLineA
HeapCreate
ValidateLocale
SetErrorMode
FormatMessageA
GetModuleHandleA
CreateProcessA
SleepEx
GetShortPathNameA
GetTempFileNameA
GetTempPathA
HeapDestroy
HeapAlloc
RtlUnwind
GlobalFree
HeapFree
MultiByteToWideChar
CompareStringA
InterlockedDecrement
CreateDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetStartupInfoA
CreateFileA
DeleteFileA
CompareStringW
GlobalAlloc
LocalFree
FindResourceExA
lstrcpyA
CloseHandle
GetFileAttributesA
ReadFile
FindResourceA
lstrcatA
RegisterWowExec
WideCharToMultiByte
WaitForSingleObject
GetLastError
GetSystemTimeAdjustment
GetSystemDirectoryA
CallNamedPipeW
Sleep
EnumResourceTypesA
GetStringTypeExA
GetTimeFormatA
PeekNamedPipe

oleaut32

SysAllocStringLen
SysFreeString
SysReAllocStringLen

ole32

CoFreeAllLibraries
CoCreateInstance
CoUninitialize
CoInitialize

gdi32

UnrealizeObject

advapi32

RegEnumKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegQueryValueExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text1
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

047e06717dd52ff91416a508c77a4a89

Headers

File Characteristics

Imports

user32

kernel32

oleaut32

ole32

gdi32

advapi32

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 9KB

.rsrc Size: 2KB - Virtual size: 2KB

.text1 Size: 112KB - Virtual size: 112KB

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 2KB

.text1
Size: 112KB - Virtual size: 112KB