29c306e8b9791a919d6ccdd4d67b483b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29c306e8b9791a919d6ccdd4d67b483b_JaffaCakes118
Size

104KB
MD5

29c306e8b9791a919d6ccdd4d67b483b
SHA1

4dda5310a409672f1926f9366cf11d5afd038839
SHA256

642cb53c7886c24a5a559ed4b81605ce732d361e6bc42ab461d75b07985ec88c
SHA512

395dbf2db0f78093ebfa4ff3b625bee6d194eff31dd357c6975df1d5235bd35a9acb69e25e9e087fcc64cdeeb5f498b62e9d9b9943c43bdf4e1c0be44945d1af
SSDEEP

1536:doZc91GSC4cANiO00ak3oyEfRM2ce5I5CKBd:w2IYY31yEpMxH9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29c306e8b9791a919d6ccdd4d67b483b_JaffaCakes118

Files

29c306e8b9791a919d6ccdd4d67b483b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3273b19487adc5cb2db891699a2c44b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIcon
CalcMenuBar
CreateIcon
DrawIconEx
CopyImage
CopyRect
IsWindow
GetCursor
DialogBoxParamA
GetDlgItem
AppendMenuA
DialogBoxParamA
DrawTextW
DialogBoxParamW
CopyIcon
DrawIcon
AppendMenuA
BlockInput
LoadMenuA
DrawIconEx
IsMenu

advapi32

RegOpenKeyW
RegQueryValueW
RegCreateKeyExW
RegReplaceKeyA
RegReplaceKeyW
RegEnumKeyA
RegDeleteValueA
RegEnumKeyExW
RegQueryValueA
RegEnumValueA
RegLoadKeyA
RegEnumKeyW

kernel32

GetFileTime
CreateDirectoryA
CreateThread
DeleteFileA
CopyFileExA
ReadConsoleA
OpenFile
DeleteAtom
GetCommandLineA
GetStdHandle
FindFirstFileA
CopyFileExW
GetConsoleMode
GetFileSize
Sleep
CreateProcessA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.budata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 4KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ