Static task
static1
Behavioral task
behavioral1
Sample
29394060416603983804aec4017b80b8_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
29394060416603983804aec4017b80b8_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
29394060416603983804aec4017b80b8_JaffaCakes118
Size
88KB
MD5
29394060416603983804aec4017b80b8
SHA1
41cec352c20acf32d568221c89e924e80cc6adff
SHA256
3375d32f8535804cfe95e7aa114d598ad9348116f130877f4cc9b6822118e775
SHA512
9609bcf733d3099bd595a36bc5a3c8514c1b4aab9d336c039d147415df5264ec333dcfc7a4cc29818963bb1d8b89925040145279933b2e8025ed0ee0b6df59ac
SSDEEP
1536:TPWQd4tZd6WVyaiJyT3nmDUTp1jHAGdcHPf4U9XZduur2mOdfv4nuRxR9/:zWd/dpVJiJyT3e6pRSdJwmHuRxH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 29394060416603983804aec4017b80b8_JaffaCakes118
Files
29394060416603983804aec4017b80b8_JaffaCakes118.exe windows:5 windows x86 arch:x86
00528766827a0588d8f54df7b2ea3002
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
user32
PostQuitMessage
EqualRect
SetWindowTextA
UnhookWindowsHookEx
GetSysColor
SetWindowPos
EnableMenuItem
GetScrollPos
GetMessageA
EnumWindows
GetSubMenu
FrameRect
GetSysColorBrush
kernel32
GetCurrentProcessId
VirtualAllocEx
SetUnhandledExceptionFilter
GetFileAttributesA
GetTickCount
GetStartupInfoA
GetOEMCP
QueryPerformanceCounter
GetACP
ExitProcess
GetTempPathA
RtlUnwind
GetTimeZoneInformation
FileTimeToSystemTime
GetThreadLocale
InterlockedExchange
gdi32
FillRgn
SelectClipPath
CreateICW
CopyEnhMetaFileA
SetViewportExtEx
CreateCompatibleBitmap
DPtoLP
GetMapMode
ExcludeClipRect
ole32
StgOpenStorage
CoInitializeSecurity
CoRevokeClassObject
DoDragDrop
CoTaskMemRealloc
CoInitialize
OleRun
StringFromGUID2
CoCreateInstance
advapi32
CryptHashData
AdjustTokenPrivileges
GetSecurityDescriptorDacl
QueryServiceStatus
GetUserNameA
RegCreateKeyA
RegQueryValueExW
CheckTokenMembership
FreeSid
RegCreateKeyExW
msvcrt
_mbscmp
_fdopen
_strdup
raise
iswspace
_lock
__getmainargs
puts
strncpy
fprintf
signal
fflush
_CIpow
strcspn
_flsbuf
__initenv
strlen
__setusermatherr
comctl32
ImageList_DrawEx
ImageList_GetIcon
ImageList_GetBkColor
ImageList_LoadImageW
ImageList_ReplaceIcon
ImageList_LoadImageA
ImageList_SetIconSize
ImageList_GetIconSize
CreatePropertySheetPageA
ImageList_Write
ImageList_DragEnter
ImageList_Destroy
InitCommonControls
shell32
ShellExecuteW
ExtractIconExW
DragAcceptFiles
SHBrowseForFolderA
DragQueryFileW
ExtractIconW
CommandLineToArgvW
DoEnvironmentSubstW
SHGetPathFromIDList
DragQueryFileA
ShellExecuteEx
oleaut32
SysReAllocStringLen
SafeArrayCreate
SafeArrayPutElement
VariantCopy
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayUnaccessData
SafeArrayRedim
Sections
.text Size: 37KB - Virtual size: 36KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE