29b63ecab7f289d0e451243e3d926339_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29b63ecab7f289d0e451243e3d926339_JaffaCakes118
Size

568KB
MD5

29b63ecab7f289d0e451243e3d926339
SHA1

c8c143bf8f4ec4daf49d53db1cfb1b8a690ab462
SHA256

489528a785fd2467a69e1979314360cdb1f525c9faea04e35047386cb81e5313
SHA512

9c1181379f9540e081100a1a07de3e8c879febb25beb91472a75c7d1cfe14a0e37807d2a4416227a9b8f04af6528661d1903c00064a4c2dc090bedf76d863445
SSDEEP

12288:rth7Ix+ycSLDaFrRu4yZvoO6rVU/fzqZQt/Nwe9Sc2Nk:rXIxOYDOo4OQOxuWtFvShK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29b63ecab7f289d0e451243e3d926339_JaffaCakes118

Files

29b63ecab7f289d0e451243e3d926339_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc850eb89bc46955f8e7f86b5eb73370

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageTimeoutW
IsCharAlphaNumericA
DlgDirSelectComboBoxExW
DdeQueryNextServer
CloseDesktop
InsertMenuA
GetClassInfoExA
ShowCursor
CreateCaret
EnumPropsA
CreateWindowExW
GetDoubleClickTime
TileWindows
GetGUIThreadInfo
UnregisterClassA
SendMessageW
DlgDirSelectComboBoxExA
DdeAddData
GetWindowTextW
EnumThreadWindows
GetMenuCheckMarkDimensions
RegisterClassExA
DdeImpersonateClient
RegisterClassA
SetWindowContextHelpId
SetClipboardData
wsprintfA
GetMenuItemCount
FindWindowExA
DdeAbandonTransaction
IsDlgButtonChecked
DrawFrame
LoadImageA
CharLowerA
RegisterWindowMessageW
GetKeyboardState
WINNLSGetEnableStatus
DdeQueryStringW
GetCaretPos
IsWindow
GetMenuItemInfoW
SetClipboardViewer
GetWindowPlacement
TranslateMDISysAccel
SwitchDesktop
GetKeyNameTextW
ChangeDisplaySettingsA
ShowWindow
GetWindowModuleFileNameW
VkKeyScanW
wvsprintfW
RemoveMenu
GetForegroundWindow
GetPropW
IsDialogMessage
SendDlgItemMessageW
DefWindowProcW
MessageBoxW
DestroyWindow
LoadBitmapA
BroadcastSystemMessageW
GetActiveWindow
SetMenuItemInfoW
CharUpperBuffW
AnyPopup
IsDialogMessageA
DestroyCaret
CheckMenuItem
DefFrameProcA

kernel32

FoldStringA
HeapReAlloc
SetStdHandle
WideCharToMultiByte
LoadLibraryA
GetFileType
QueryPerformanceCounter
CreateNamedPipeW
GetWindowsDirectoryA
GetCurrentProcessId
EnumCalendarInfoW
LocalFileTimeToFileTime
GlobalUnfix
GetCalendarInfoW
HeapCreate
TerminateProcess
lstrcpynA
GetACP
MultiByteToWideChar
VirtualProtect
GetProcAddress
CompareStringW
HeapFree
IsBadWritePtr
CreateMutexA
FreeEnvironmentStringsW
EnumCalendarInfoA
GetTimeZoneInformation
GetStartupInfoW
WriteFile
GetSystemTimeAsFileTime
GetSystemInfo
ExitProcess
SetFilePointer
LCMapStringA
VirtualAlloc
GetLocalTime
FormatMessageW
GetStringTypeA
GetStartupInfoA
TerminateThread
SetLastError
GetDriveTypeW
TlsFree
InitializeCriticalSection
GetOEMCP
HeapDestroy
GetTickCount
OpenEventA
OpenFile
LeaveCriticalSection
SetConsoleActiveScreenBuffer
SystemTimeToTzSpecificLocalTime
DosDateTimeToFileTime
CommConfigDialogW
TlsGetValue
GetCurrentThread
EnumSystemLocalesA
FlushFileBuffers
LoadLibraryExW
GetEnvironmentStrings
GetLocaleInfoW
GetDateFormatA
GetStdHandle
DeleteCriticalSection
GetCPInfo
GetVersionExA
GetProfileIntW
GetSystemTime
ReadFile
LockFileEx
HeapAlloc
IsValidCodePage
GetUserDefaultLCID
GetPrivateProfileSectionA
CreatePipe
WriteConsoleInputA
GetCurrentThreadId
GetModuleFileNameA
lstrcpy
RtlUnwind
IsValidLocale
GetLastError
WaitForMultipleObjectsEx
SetEnvironmentVariableA
SetConsoleCursorInfo
FreeEnvironmentStringsA
GetStringTypeW
GetCommandLineA
GetTimeFormatA
WriteProfileStringA
TlsAlloc
LoadLibraryExA
LCMapStringW
GetLogicalDriveStringsW
FindFirstFileA
GetCurrentProcess
SetConsoleTitleA
SetHandleCount
TlsSetValue
CreateFileA
CompareStringA
LoadResource
TransmitCommChar
VirtualFree
CloseHandle
GetCommandLineW
EnumSystemCodePagesA
GlobalUnlock
EnterCriticalSection
GetEnvironmentStringsW
OpenMutexA
GetModuleFileNameW
GetModuleHandleA
InterlockedExchange
UnhandledExceptionFilter
HeapSize
VirtualQuery
GetLocaleInfoA

comctl32

InitMUILanguage
ImageList_Duplicate
InitCommonControlsEx

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc850eb89bc46955f8e7f86b5eb73370

Headers

File Characteristics

Imports

user32

kernel32

comctl32

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 128KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 128KB

.rsrc
Size: 28KB - Virtual size: 25KB