29278c511e8f3546b8ac632840cf5679_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29278c511e8f3546b8ac632840cf5679_JaffaCakes118
Size

280KB
MD5

29278c511e8f3546b8ac632840cf5679
SHA1

e9b34cce54763a18162844372b92cc1879cc3340
SHA256

f487931b59d48141554f9a463e1e62cb8766732bba97f7aed2f1cdcce648858f
SHA512

15974247ec8a1cd7144b1b6d2ed04e10a45641e5bbcd35a933ad7af4468aa1869b483a2f005e529d79877c4048cbd170f5630419d1bd7ce06a3625900015982a
SSDEEP

3072:SbbssBk/qB9D2OaXT3lkieFCyz37cTCfD1lgqWek2dnyzy5e/DfAU8Ta5pqHpGzg:mBk/qRykFWfqWrBy54f7V5RknR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29278c511e8f3546b8ac632840cf5679_JaffaCakes118

Files

29278c511e8f3546b8ac632840cf5679_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93f0002383af033e696496f8117b208d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessTimes
MoveFileW
DeleteFiber
GetSystemDirectoryW
ReadFile
lstrcpynA
SetConsoleCursorPosition
SetConsoleMode
FormatMessageA
GetLongPathNameA
GetTempPathW
PeekConsoleInputW
AllocConsole
GetVolumeInformationW
GetACP
FormatMessageW
EnumCalendarInfoA
ReadDirectoryChangesW
_lopen
GetProcessHeap
FreeEnvironmentStringsA
FindCloseChangeNotification
ExitProcess
IsBadReadPtr
GetCommandLineA
GetVersionExA
lstrlenA
VirtualProtect
GlobalFlags

user32

GetUpdateRect
SetCursor

gdi32

StartDocW
CreateDIBitmap
GetTextCharacterExtra
GetMapMode
GetPixel
GetEnhMetaFileDescriptionA
GetTextCharsetInfo

comdlg32

ChooseColorW
GetSaveFileNameW

advapi32

GetServiceDisplayNameA
RegSaveKeyW
SetServiceStatus
ImpersonateNamedPipeClient
LookupPrivilegeNameA

shell32

SHGetPathFromIDListA
SHGetSettings

ole32

OleSaveToStream

oleaut32

LoadTypeLibEx
LoadTypeLi
VariantCopy
SysAllocStringLen
SafeArrayRedim

comctl32

ImageList_DragLeave
ImageList_GetIcon

shlwapi

ChrCmpIW
SHRegGetUSValueW
PathRelativePathToA
PathIsRootA
StrTrimA
PathRemoveFileSpecW
PathCompactPathExW
SHOpenRegStream2W
PathRemoveBlanksA
PathRenameExtensionW

setupapi

SetupDiEnumDriverInfoA
SetupDiSetDeviceInstallParamsA
SetupDiEnumDriverInfoW
SetupDiGetClassDevsExW

Sections

.text
Size: 264KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

93f0002383af033e696496f8117b208d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 264KB - Virtual size: 260KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 5KB

.text
Size: 264KB - Virtual size: 260KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 5KB