29b42f2c46cf57080ab96fad08c102b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29b42f2c46cf57080ab96fad08c102b6_JaffaCakes118
Size

271KB
MD5

29b42f2c46cf57080ab96fad08c102b6
SHA1

c2bb6bad4bb59492da3dec2005dfabe34e31af2b
SHA256

3fc1ab9fee5c45f964f825790e66bdd17e2a374183430fc204c94af7a8567760
SHA512

c66c07063cbd84280f29f26bb61c09a23f66e64e50308eb0baa7a04599ade8f239e2dfd49a763aeeb7f600c598032119f27d3ee75e7bc3d26cca065757707ba3
SSDEEP

6144:K31mQ5Psj4bPNyOYmLwjNZOXnO7b226dcBuYy:6AQUsfXO7b2nV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29b42f2c46cf57080ab96fad08c102b6_JaffaCakes118

Files

29b42f2c46cf57080ab96fad08c102b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f5eddd834483f431b67e611809fd5dcc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegDeleteValueW

gdi32

CreateDIBitmap

shell32

FindExecutableA
ExtractAssociatedIconW

wininet

InternetWriteFile
InternetDialA
FindFirstUrlCacheContainerW
FindNextUrlCacheGroup
FreeUrlCacheSpaceW
InternetShowSecurityInfoByURLA
FindFirstUrlCacheContainerA
HttpSendRequestExW
FtpGetFileSize
InternetSetDialStateA
CommitUrlCacheEntryW
InternetHangUp

kernel32

SetLastError
WaitNamedPipeA
SetEnvironmentVariableA
GetEnvironmentStrings
TlsSetValue
GetVersionExA
ExitProcess
GetACP
CompareStringA
FreeEnvironmentStringsA
HeapCreate
TlsGetValue
SetHandleCount
GetProcAddress
VirtualQuery
TlsFree
HeapReAlloc
GetStringTypeW
GetTickCount
FreeLibrary
GetCommandLineA
GetFileType
SetConsoleCtrlHandler
Sleep
GetLastError
GetModuleFileNameA
GetDateFormatA
LCMapStringA
LoadLibraryA
InitializeCriticalSection
GetCurrentProcessId
IsValidCodePage
GetTimeFormatA
GetLocaleInfoW
QueryPerformanceCounter
DeleteCriticalSection
GetModuleHandleA
HeapDestroy
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetOEMCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
InterlockedDecrement
LCMapStringW
LeaveCriticalSection
GetCurrentThreadId
IsDebuggerPresent
InterlockedExchange
GetStartupInfoA
MultiByteToWideChar
GetUserDefaultLCID
GetStdHandle
IsValidLocale
HeapSize
WideCharToMultiByte
VirtualFree
SetUnhandledExceptionFilter
EnumResourceNamesW
TerminateProcess
GetProcessHeap
VirtualAlloc
GetCurrentProcess
GetLocaleInfoA
HeapFree
CompareStringW
RtlUnwind
HeapAlloc
EnterCriticalSection
GetStringTypeA
EnumSystemLocalesA
TlsAlloc
GetCurrentThread
InterlockedIncrement
WriteFile
GetCPInfo

comdlg32

ChooseFontW
GetOpenFileNameA
ChooseFontA
GetSaveFileNameW
GetFileTitleW
PageSetupDlgA
ChooseColorW
ReplaceTextW
PrintDlgW
GetFileTitleA
PageSetupDlgW
ChooseColorA
FindTextA
GetOpenFileNameW
ReplaceTextA

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5eddd834483f431b67e611809fd5dcc

Headers

File Characteristics

Imports

advapi32

gdi32

shell32

wininet

kernel32

comdlg32

Sections

.text Size: 126KB - Virtual size: 125KB

.data Size: 139KB - Virtual size: 162KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 126KB - Virtual size: 125KB

.data
Size: 139KB - Virtual size: 162KB

.rsrc
Size: 4KB - Virtual size: 4KB