29be13a08c62122fe58693c560851b25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29be13a08c62122fe58693c560851b25_JaffaCakes118
Size

308KB
MD5

29be13a08c62122fe58693c560851b25
SHA1

dc717af63519035a6e9f8259e156155390549c1e
SHA256

9978a9809811636b181b387800e6f9e72525ac1327e669c184ca3d665f08a73a
SHA512

6ef3bd14afaa0541db63cf9e1fd7e60cb1aa9ba61b9d5f682c5a84f4490a3b8567618c83a88814e6c61cde6fe4ca6b0e39f97a0bc530ee4acd59c5775f1cacc2
SSDEEP

6144:tQrT9yCoev9yeyKWA2lTI+hAB7aTH3SWOKX4/n:tXI9Ny7lPhK7ab3EK4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29be13a08c62122fe58693c560851b25_JaffaCakes118

Files

29be13a08c62122fe58693c560851b25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccb72d8206e23ff363fabad637f7055f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\oyeontl\jborfeywe\eytoeke\upc\fbxeamttv\eagjv.pdb

Imports

comctl32

ImageList_DragMove
ImageList_Destroy
ImageList_DragEnter
ImageList_GetBkColor
ImageList_SetDragCursorImage
CreateUpDownControl
ImageList_SetOverlayImage
InitMUILanguage
InitCommonControlsEx
ImageList_GetIconSize
DestroyPropertySheetPage
ImageList_Add
ImageList_DrawEx
ImageList_Duplicate
ImageList_SetFlags

kernel32

GetEnvironmentStrings
GetACP
TlsFree
WideCharToMultiByte
GetProcAddress
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
SetFilePointer
CompareStringA
SetLastError
GetDateFormatA
DeleteCriticalSection
VirtualAlloc
TerminateProcess
CompareStringW
CloseHandle
IsValidCodePage
GetDiskFreeSpaceExA
LoadLibraryW
GetSystemInfo
MultiByteToWideChar
VirtualQuery
UnhandledExceptionFilter
FreeEnvironmentStringsA
IsValidLocale
VirtualProtect
GetCurrentThreadId
GetLongPathNameW
HeapSize
GetFileType
HeapCreate
GetModuleFileNameW
LoadLibraryA
GetStdHandle
SetConsoleTitleA
ReadFile
GetStringTypeW
HeapFree
DeleteAtom
ExitProcess
GetLastError
GetUserDefaultLCID
InterlockedExchange
GlobalSize
GetCurrentProcessId
TlsAlloc
QueryPerformanceCounter
GetPrivateProfileSectionW
GetPrivateProfileStructA
HeapDestroy
OpenMutexA
RtlFillMemory
GetCPInfo
GetModuleFileNameA
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetTickCount
EnumSystemLocalesA
GetTimeFormatA
GetEnvironmentStringsW
GetCommandLineW
lstrcmpiW
GetLocaleInfoW
ReleaseMutex
CreateMutexA
GetStartupInfoA
HeapReAlloc
SetEnvironmentVariableA
SetStdHandle
SetHandleCount
GetLocaleInfoA
HeapAlloc
VirtualFree
GetStartupInfoW
IsBadWritePtr
FileTimeToSystemTime
GetVersionExA
MoveFileExW
GetSystemTimeAsFileTime
RtlUnwind
GetStringTypeA
GetOEMCP
GetCurrentThread
InitializeCriticalSection
GetCommandLineA
GetCurrentProcess
GetModuleHandleA
FlushFileBuffers
FreeEnvironmentStringsW
WriteFile
TlsSetValue

user32

SetCursorPos
MapVirtualKeyExW
GetPropA
LoadMenuW
TabbedTextOutA
SetWindowLongW
DdeQueryStringA
TabbedTextOutW
RegisterClassA
DestroyCursor
CheckMenuItem
OpenWindowStationA
RegisterClassW
RegisterWindowMessageA
GetMenuState
ModifyMenuA
SetSystemCursor
DdeFreeStringHandle
DeleteMenu
EnumWindowStationsA
CharToOemW
LoadAcceleratorsA
DefDlgProcW
SetMenuItemInfoA
SetProcessDefaultLayout
SetFocus
RegisterClassExA
MessageBoxExW
OemToCharA
PeekMessageW
MapDialogRect

wininet

RegisterUrlCacheNotification
UrlZonesDetach
InternetDialA
InternetWriteFileExW
FindFirstUrlCacheEntryExW
DeleteUrlCacheGroup
DetectAutoProxyUrl
InternetTimeToSystemTimeW

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccb72d8206e23ff363fabad637f7055f

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

wininet

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 88KB - Virtual size: 109KB

.rsrc Size: 60KB - Virtual size: 56KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 88KB - Virtual size: 109KB

.rsrc
Size: 60KB - Virtual size: 56KB