29383b524215b8594e112fe0812bb852_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29383b524215b8594e112fe0812bb852_JaffaCakes118
Size

79KB
MD5

29383b524215b8594e112fe0812bb852
SHA1

617c5572845a08713194dc36e406068ddfae9e99
SHA256

fd925801a88f35f34521fbe22650600cb275ffae3f84b482f1dd11b039c420e0
SHA512

b01bd821e991f581427efb9d73d5b1748727458433d6cdb87a1f5d806abcd8f177250d8ed597a0cb4085041015f40d58ee2a87188968245db498efd859fed973
SSDEEP

1536:JyJ1yCSzAdyBzm7xR3TIyWFjrK0zWGmoj7mOlqCuktl+6lsspYAFCozPQM:n8y0j3TIya3K0Ojkjlf3B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29383b524215b8594e112fe0812bb852_JaffaCakes118

Files

29383b524215b8594e112fe0812bb852_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc380d1f1026926aeb773388f52afe93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
DeleteFileA
LoadLibraryA
GetModuleHandleW
VirtualAlloc
CreateFileA
MapViewOfFileEx
GetTempFileNameA
FindResourceW
GetPrivateProfileSectionW
GetProcAddress
GetModuleHandleA
Heap32First
HeapDestroy
VirtualProtect
ExitThread
GetLastError

msvcrt

__p__environ
_findclose
wcsspn
_fdopen
_strncoll
_putenv
_stati64
memchr
_wrename
is_wctype
_msize
_chdrive
_mbcasemap
_ismbcspace
__p__fmode
__iscsymf
??_7bad_typeid@@6B@
memcpy
__p__dstbias
ispunct
isupper
isspace
islower
memset
_endthread

user32

SetWindowPos
CreateDialogParamW
OpenClipboard
RemoveMenu
SetClipboardData
GetClipboardData
PostMessageW
PrivateExtractIconsW
LoadStringW
LoadStringA
GetWindowTextW
ModifyMenuW
CloseClipboard
GetSubMenu

opengl32

glNormalPointer
glCallList
glRasterPos3i
wglCreateLayerContext
glColor3f
glTexGeni
glGetTexParameteriv
glTexCoord2i
glGetPixelMapuiv
wglUseFontOutlinesW
wglGetDefaultProcAddress
glNormal3dv
glAccum
glColor3uiv
glAreTexturesResident
glEnd
glRectd

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crt
Size: 1024B - Virtual size: 537B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 22B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.media
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dude
Size: 512B - Virtual size: 57B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1010B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc380d1f1026926aeb773388f52afe93

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

opengl32

Sections

.text Size: 35KB - Virtual size: 35KB

.rdata Size: 3KB - Virtual size: 2KB

.edata Size: 512B - Virtual size: 115B

.crt Size: 1024B - Virtual size: 537B

.tls Size: 512B - Virtual size: 22B

.media Size: 512B - Virtual size: 69B

.dude Size: 512B - Virtual size: 57B

.data Size: 1024B - Virtual size: 1010B

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 512B - Virtual size: 92B

.text
Size: 35KB - Virtual size: 35KB

.rdata
Size: 3KB - Virtual size: 2KB

.edata
Size: 512B - Virtual size: 115B

.crt
Size: 1024B - Virtual size: 537B

.tls
Size: 512B - Virtual size: 22B

.media
Size: 512B - Virtual size: 69B

.dude
Size: 512B - Virtual size: 57B

.data
Size: 1024B - Virtual size: 1010B

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 512B - Virtual size: 92B