29bf8569db9fe108e028dd915fc3ae52_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29bf8569db9fe108e028dd915fc3ae52_JaffaCakes118
Size

568KB
MD5

29bf8569db9fe108e028dd915fc3ae52
SHA1

6d2b6accffe3dd44be1febc0c7050f61c130321f
SHA256

d39c21fc816aff04b40b1303f42f9755ef13be332fdd46aabacf4dbab86c4035
SHA512

b7f5b478448ab7ba51d49f2a083651733569c7948fe29e7978a1510d2dc27cdefbc18c76ac99d1621f315496a5658249cccb7aa639ae123aafa4a7acce0ae2ba
SSDEEP

12288:AMJSNnbcU6o4MRnvSYCY9wc+NG7eAWZIYmemUYpI8Lg:AYIbcU6VeKHYcQeAWXmN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29bf8569db9fe108e028dd915fc3ae52_JaffaCakes118

Files

29bf8569db9fe108e028dd915fc3ae52_JaffaCakes118
.exe windows:4 windows x86 arch:x86

05927d1e8d72c165497ab0515976cc67

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleCount
TlsFree
GetDateFormatA
SetConsoleMode
HeapReAlloc
SetLastError
GetFileType
GetModuleFileNameA
RtlUnwind
SetFileAttributesW
FreeEnvironmentStringsW
GetDiskFreeSpaceW
GetLastError
SetEnvironmentVariableA
GetACP
GetProcessHeap
QueryPerformanceCounter
GetCommandLineA
GetLocaleInfoW
WriteConsoleW
HeapAlloc
SetStdHandle
CloseHandle
GetExitCodeProcess
GetCurrentThread
VirtualAlloc
GetTimeZoneInformation
GetStringTypeA
FreeLibrary
GetStdHandle
HeapDestroy
GetLocaleInfoA
InterlockedDecrement
EnterCriticalSection
CommConfigDialogA
InterlockedExchange
GetCurrentThreadId
HeapLock
GetSystemTimeAsFileTime
ExitProcess
CompareStringA
SetCurrentDirectoryA
ReadFile
VirtualQuery
TerminateProcess
HeapSize
InitializeCriticalSection
GetEnvironmentStrings
IsDebuggerPresent
TlsSetValue
GetProcAddress
GetThreadTimes
GetUserDefaultLCID
LCMapStringA
MultiByteToWideChar
CopyFileA
TlsAlloc
ReadFileEx
EnumSystemLocalesA
VirtualAllocEx
GetStartupInfoA
LCMapStringW
HeapFree
CompareStringW
TlsGetValue
VirtualFree
InterlockedIncrement
GetCPInfo
IsValidLocale
HeapCreate
GetTimeFormatA
LoadLibraryA
SetFilePointer
GetOEMCP
EnumCalendarInfoExW
GetStringTypeW
UnhandledExceptionFilter
GetConsoleCP
SetConsoleCtrlHandler
WriteFile
GetTickCount
FreeEnvironmentStringsA
CreateFileA
GetModuleHandleA
GetSystemDirectoryW
Sleep
SetUnhandledExceptionFilter
LeaveCriticalSection
LocalReAlloc
LockFileEx
WriteConsoleA
FlushFileBuffers
GetConsoleOutputCP
lstrcmpiW
DeleteCriticalSection
OpenMutexA
CreateMutexA
GetEnvironmentStringsW
GetCurrentProcessId
GetStartupInfoW
GetCurrentProcess
GetConsoleMode
WideCharToMultiByte
GetVersionExA
IsValidCodePage

wininet

DetectAutoProxyUrl
FtpGetFileA
InternetTimeFromSystemTimeA
InternetCrackUrlA
InternetGetConnectedStateExA
FtpSetCurrentDirectoryW
FtpOpenFileW
InternetShowSecurityInfoByURLW
GopherFindFirstFileA

user32

DefWindowProcW
SetCapture
RegisterClassExA
MapVirtualKeyA
GetForegroundWindow
SetSysColors
SetUserObjectInformationW
GetWindowRect
MessageBeep
GetDesktopWindow
RegisterClassA
OemToCharW
GetMenuItemCount
ToAsciiEx
IsDialogMessage
IsDialogMessageW
GetTitleBarInfo
BeginPaint
EnumDisplaySettingsA
SetForegroundWindow
RealChildWindowFromPoint
PostQuitMessage
CreateIconIndirect
EnumWindowStationsA
CreateWindowExA
DdeGetData
CallMsgFilter
GetUserObjectSecurity
GetKeyboardLayoutNameA
DestroyWindow
CascadeWindows
RegisterHotKey
GetUpdateRect
ArrangeIconicWindows
AnimateWindow
SendNotifyMessageA
ShowWindow
CharPrevExA
GetMenuItemRect
MessageBoxW
BroadcastSystemMessage
CreateWindowExW

comctl32

ImageList_AddIcon
InitCommonControlsEx
ImageList_GetImageRect
ImageList_Remove
ImageList_SetBkColor
DrawStatusText
CreatePropertySheetPage
ImageList_Draw
ImageList_GetIcon
MakeDragList
CreateStatusWindowA

Sections

.text
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 252KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05927d1e8d72c165497ab0515976cc67

Headers

File Characteristics

Imports

kernel32

wininet

user32

comctl32

Sections

.text Size: 176KB - Virtual size: 172KB

.rdata Size: 252KB - Virtual size: 249KB

.data Size: 120KB - Virtual size: 143KB

.rsrc Size: 16KB - Virtual size: 15KB

.text
Size: 176KB - Virtual size: 172KB

.rdata
Size: 252KB - Virtual size: 249KB

.data
Size: 120KB - Virtual size: 143KB

.rsrc
Size: 16KB - Virtual size: 15KB