29392d80c9271ba83913fde1c0defe44_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29392d80c9271ba83913fde1c0defe44_JaffaCakes118
Size

6.7MB
MD5

29392d80c9271ba83913fde1c0defe44
SHA1

685bdba92f6e7195be5badbd22318cf1bb72d348
SHA256

1e1caca938501677b346dc4302816ea1ab6d53f222afb9c42452d485737d078d
SHA512

4035f1362be2505ea50dd165f1aedb09df3f9e097e80396431e824d3cfb3cda3d598436fedcea20e6eae18c87b83039a03000bb2aeaaf7c7e9f8b00f6a91d7c2
SSDEEP

196608:Gabdc3ytBaf4il6w09Nnhh2PSYkG6gNOcU/N1Uj:GaxfnafL8dDhq/ke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29392d80c9271ba83913fde1c0defe44_JaffaCakes118

Files

29392d80c9271ba83913fde1c0defe44_JaffaCakes118
.exe windows:4 windows x86 arch:x86

03d9906e51708626d98a417cb68fa1cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceLanguagesW
SetLastError
CreateEventA
SearchPathW
GetCurrentProcess
GetCPInfo
InitializeCriticalSection
ReadConsoleA
CreateFileW
ClearCommBreak
GlobalFindAtomW
CreateMutexA
GetHandleInformation
CreateWaitableTimerA
lstrcmpiA
FreeEnvironmentStringsA
SetCommTimeouts
GetTickCount
ReleaseSemaphore
EnumSystemCodePagesW
RemoveDirectoryA
GetLargestConsoleWindowSize
UnhandledExceptionFilter
SetThreadLocale
GetProfileStringA
CopyFileExW
GetNumberFormatW
ReadFile
GetPrivateProfileStringA
GetSystemDefaultLangID
SetThreadAffinityMask
DebugBreak
GetModuleFileNameW
SetEnvironmentVariableA
OutputDebugStringA
SetEnvironmentVariableW
FileTimeToLocalFileTime
SetConsoleMode
SetVolumeLabelA
LeaveCriticalSection
GetUserDefaultLCID
SystemTimeToFileTime
EnumResourceNamesW
AreFileApisANSI
GetModuleHandleA
lstrcpynA
MoveFileW
SetThreadPriorityBoost
DeleteCriticalSection
WritePrivateProfileStringA
GetCurrentDirectoryW
CompareStringW
GetPrivateProfileStringW
FreeLibrary
_lclose
GetStartupInfoA
GetPrivateProfileSectionW
WriteFile
GlobalDeleteAtom
FindFirstFileExW
GetACP
GetBinaryTypeW
CancelIo
SetProcessShutdownParameters
FatalAppExitA
WritePrivateProfileSectionA
CreateDirectoryA
VirtualLock
ExitProcess
LocalSize
lstrcatW
GetProcessHeap
QueryDosDeviceA
EnumTimeFormatsW
GetProcessTimes
GetAtomNameA
FreeLibraryAndExitThread
IsValidLocale
RemoveDirectoryW
EnumResourceNamesA
LCMapStringA
GetThreadContext
CreateDirectoryW
GetCommState
CreateNamedPipeW
GetFileType
OpenMutexA
LoadLibraryExA
ReadConsoleInputW
EraseTape
GetFileAttributesA

user32

LoadCursorW
DragDetect
CharToOemW
CascadeWindows
MonitorFromPoint
CharNextW
EndDialog
RedrawWindow
CreateIconIndirect
PtInRect
HiliteMenuItem
GetWindowWord
ChildWindowFromPointEx
DestroyCaret
CharUpperBuffW
ScrollDC
SetUserObjectInformationW
SendMessageTimeoutW
OpenClipboard
MsgWaitForMultipleObjects
CountClipboardFormats
GetMessageW
IsWindowUnicode
IsCharLowerW
GetCapture
WindowFromDC

gdi32

CreateMetaFileA
InvertRgn
OffsetClipRgn
GetDeviceCaps
RectInRegion
EqualRgn
DeleteObject
EnumEnhMetaFile
GetTextExtentPointW
GetTextExtentPoint32W
GetMapMode
WidenPath
GetDIBits
CreateMetaFileW
SelectObject
StrokeAndFillPath
CopyEnhMetaFileA

comdlg32

ChooseFontA
ReplaceTextW

advapi32

LogonUserW

shell32

DragQueryPoint
DragFinish
ShellExecuteA

ole32

CoMarshalInterThreadInterfaceInStream
OleInitialize
CoCreateInstance
OleSave

oleaut32

SafeArrayGetLBound
SafeArrayUnaccessData
SetErrorInfo
VariantCopy
SysFreeString

comctl32

ImageList_Draw
CreateToolbarEx
ImageList_Remove
ImageList_DragShowNolock

Sections

.text
Size: 4KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03d9906e51708626d98a417cb68fa1cf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 4KB - Virtual size: 6.4MB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 6.4MB - Virtual size: 6.4MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 4KB - Virtual size: 6.4MB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 6.4MB - Virtual size: 6.4MB

.rsrc
Size: 68KB - Virtual size: 66KB