29d283a1e0a35e8255a919a36d349b87_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29d283a1e0a35e8255a919a36d349b87_JaffaCakes118
Size

3.7MB
MD5

29d283a1e0a35e8255a919a36d349b87
SHA1

c7c6522b0f70140dd85423d9bb0b952f84815de0
SHA256

87ee1f0a02aacf99f66e2db937358e888384ca226a33d711cbcd90acfe002084
SHA512

1f246f60351638c1e869ffca9a20636624775536506b54ef4b2b76d90a99cfa89e08adfe335f9b75578c4e7db95a7021251f62f3d6c20368d95933f10480a175
SSDEEP

98304:r3RtuVTYjqj2jZR3HwoH8Hv4NuTZOfLlRKDczvDc9SQxXc:0Mbr3zsv4NuTZOfL7kc3eSQxXc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29d283a1e0a35e8255a919a36d349b87_JaffaCakes118

Files

29d283a1e0a35e8255a919a36d349b87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c7919a3ef8876e454f611ff94971630

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
FormatMessageA
RemoveDirectoryA
DeleteFileA
TerminateProcess
SetEvent
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
ReadFile
CreateFileA
ExitProcess
GetLastError
WriteFile
CloseHandle
SetFilePointer
GetExitCodeProcess
CreateProcessA
GetCurrentDirectoryA
GetDiskFreeSpaceA
HeapFree
WaitForSingleObject
CreateThread
CreateEventA
GetCommandLineA
GetModuleFileNameA
GetProcessHeap
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryA
GetDriveTypeA

user32

SendDlgItemMessageA
SendMessageA
EndDialog
LoadStringA
DialogBoxParamA
ShowWindow
MessageBoxA

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zero
Size: - Virtual size: 66KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE