29636648b954eac3d50a1b3c441df158_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29636648b954eac3d50a1b3c441df158_JaffaCakes118
Size

356KB
MD5

29636648b954eac3d50a1b3c441df158
SHA1

3135181377497ff0e065be924c24f36ebb37e932
SHA256

357ed9cfee4748061d97829aab9394ca2807319e5ba3c38f00c37b669081b4a2
SHA512

004fca6709bea96d5a395e86c67792bfee38a0f9a4d1f3a7e23c053be60d41083e0575bd522c32f0b01b57ac60f26c6b2a5c3e4ff97d858d59c490c85b3b176a
SSDEEP

6144:Z4Sv+12edhKIDl4gggyN8aVbDb7CTVUwfEMjlhQjL46bPSz3:8ZdhKIZugyrtDbWxlfEMTq4kPST

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29636648b954eac3d50a1b3c441df158_JaffaCakes118

Files

29636648b954eac3d50a1b3c441df158_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2f8c37cd9360e8d83a7010d49d3a8f0c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetLargestConsoleWindowSize
ExitProcess
SetConsoleOutputCP
GlobalUnlock
GetSystemDirectoryW
GetCommConfig
lstrcmpA
SetupComm
GetLogicalDriveStringsA
WriteProcessMemory
GetModuleHandleA
SetCurrentDirectoryA
LocalSize
PulseEvent
VirtualQuery
lstrcmpiW
GetTempFileNameA
GetHandleInformation
WriteFile
CreateIoCompletionPort
lstrcpyA
GetFullPathNameA
FindFirstFileW
IsDBCSLeadByteEx
GetUserDefaultLCID
CreateWaitableTimerA
GetComputerNameW
GetWindowsDirectoryA
FreeResource
TlsGetValue
GetProcessTimes
GetCommandLineA
GetVersionExA
VirtualProtect
GlobalAddAtomA

user32

SetScrollRange
GetNextDlgGroupItem
RegisterClipboardFormatA
TabbedTextOutW
EqualRect
OpenWindowStationW
GetMessageTime
SetPropA
CharLowerA
GetCursorPos
EndDialog
KillTimer
DefMDIChildProcW
EnumClipboardFormats
GetTabbedTextExtentW
DrawMenuBar
MsgWaitForMultipleObjects
LoadStringA
GetMenuState
SetUserObjectInformationW
RegisterClassExA
SystemParametersInfoA
EmptyClipboard
EnumDesktopWindows
SetKeyboardState
SetWindowTextW
CharUpperBuffW
SetMenuInfo
GetShellWindow
EndDeferWindowPos
DrawIconEx
GetLastActivePopup
ExitWindowsEx
ReleaseDC

gdi32

AddFontResourceA
GetGlyphOutlineW
StartDocW
GetTextExtentPointW
CreateICA
SetROP2
GetWinMetaFileBits
CreateEllipticRgn
CreateBrushIndirect
AbortDoc
LineTo
CloseMetaFile
DeleteMetaFile
GetTextAlign

advapi32

AccessCheckAndAuditAlarmW
StartServiceA
SetEntriesInAclA
LogonUserA
InitiateSystemShutdownA
QueryServiceConfigA
ClearEventLogW
RegQueryValueW
InitializeAcl
ControlService
SetSecurityDescriptorGroup
RegFlushKey
QueryServiceStatus
CryptHashData
LookupAccountNameA
RegRestoreKeyA
RegEnumKeyExW
RegLoadKeyA

ole32

OleSaveToStream
CoCreateInstanceEx
OleInitialize
StgSetTimes
OleCreateMenuDescriptor
CoGetObject

oleaut32

SysFreeString

shlwapi

PathCommonPrefixW
SHSetThreadRef
PathFileExistsA
PathRelativePathToW
StrCmpW

setupapi

SetupDiSetDeviceInstallParamsA

Sections

.text
Size: 304KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2f8c37cd9360e8d83a7010d49d3a8f0c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 304KB - Virtual size: 302KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 40KB

.text
Size: 304KB - Virtual size: 302KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 40KB