29d833c0d8d6b9c42cc905c69c36b8b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29d833c0d8d6b9c42cc905c69c36b8b1_JaffaCakes118
Size

304KB
MD5

29d833c0d8d6b9c42cc905c69c36b8b1
SHA1

4a14521d963b265b0c8443f8ca7210162e78189f
SHA256

1448b99b8a3c03e773a766a26addb8d63edef6a91a8c65c323b3553dfa45af97
SHA512

cfa6b6f291453312cd6e3ab96aaabe99f5910df519802a8bea0c081f20ed4b34f269db4cf5a20ba318c5c44d4b98fbb08d836160cccc6767910cc6f235d03e14
SSDEEP

6144:KZnoemUwS/csecoyy8+LFumRWZpdKXXCLb+abE6/FUhU:KFovzQbN+LmZpdKXWDbE6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29d833c0d8d6b9c42cc905c69c36b8b1_JaffaCakes118

Files

29d833c0d8d6b9c42cc905c69c36b8b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1269aa676d1c53f5897be13126d5c77a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetupComm
SetConsoleOutputCP
ExpandEnvironmentStringsW
EnumTimeFormatsW
GetModuleHandleA
lstrcatW
WriteConsoleOutputW
IsBadStringPtrA
GlobalFlags
CreateDirectoryExA
GetCurrentProcess
OutputDebugStringA
FreeResource
DosDateTimeToFileTime
GetEnvironmentVariableW
ReadDirectoryChangesW
LocalSize
SetHandleCount
GetConsoleMode
ExitThread
FlushConsoleInputBuffer
GetDateFormatA
SystemTimeToFileTime
FormatMessageA
SetLastError
FindNextChangeNotification
GetOEMCP
IsValidLocale
FillConsoleOutputCharacterA
DuplicateHandle
SetProcessAffinityMask
FileTimeToLocalFileTime
ReadFile
CreateMutexA
SetTimeZoneInformation
GetSystemTime
RemoveDirectoryA
GetTimeZoneInformation
MultiByteToWideChar
GetPrivateProfileSectionW
LeaveCriticalSection
_llseek
EnumResourceNamesW
ReleaseSemaphore
CreatePipe
PeekConsoleInputW
EnumCalendarInfoW
QueryDosDeviceW
EnumCalendarInfoA
GetConsoleCursorInfo
EnumSystemCodePagesW
LCMapStringA
FindResourceExA
WaitNamedPipeA
WriteProcessMemory
VirtualFree
SetConsoleCursorPosition
SetSystemTime
GlobalFindAtomW
FindResourceExW
lstrcmpiW
GetLogicalDriveStringsA
SetStdHandle
GetVersion
FreeEnvironmentStringsA
GetFileType
VirtualAllocEx
ReadConsoleOutputA
SetConsoleWindowInfo
CreateWaitableTimerA
GetBinaryTypeA
GetProcessHeap
FindFirstFileA
CreateEventA
CompareStringW
_lclose
SetEvent
GetSystemDirectoryW
lstrcmpiA
GetDriveTypeW
SetMailslotInfo
GetVersionExA
SetThreadLocale
FreeLibrary
GetHandleInformation
VirtualQueryEx
GetWindowsDirectoryA
SetConsoleActiveScreenBuffer
GetModuleFileNameW
GetTapeStatus
TryEnterCriticalSection
GetCommandLineA
VirtualProtect
FlushFileBuffers
ExitProcess

user32

CheckDlgButton
RegisterClassExW
TrackMouseEvent
GetTabbedTextExtentA
OemToCharBuffW
LoadMenuA
CreateMDIWindowW
UnregisterDeviceNotification
TranslateMessage
wsprintfW
GetClipCursor
IsCharLowerW
GetKeyNameTextA
GetMessagePos
SetProcessWindowStation
UnhookWindowsHook
OpenClipboard
GetKeyboardLayoutNameA
GetForegroundWindow
IsClipboardFormatAvailable
LoadMenuIndirectA
SetScrollRange
TranslateAcceleratorA
EnumWindowStationsW
ReleaseCapture
SetMenu
DestroyMenu
DrawFocusRect
PeekMessageA
EnumDisplaySettingsA
GetScrollInfo
GetWindowWord
CreateWindowStationW
GetDoubleClickTime

gdi32

GetTextCharacterExtra
PolyBezier
SetGraphicsMode
GetClipBox
CreateBrushIndirect
ScaleViewportExtEx
EnumFontFamiliesExA
GetPolyFillMode
PtInRegion

comdlg32

GetFileTitleA

advapi32

RegEnumKeyW
RegCreateKeyExW

ole32

RevokeDragDrop

oleaut32

SafeArrayUnaccessData
SafeArrayCreate
QueryPathOfRegTypeLi
VariantChangeType
SafeArrayPutElement
SysFreeString
SysAllocStringLen

shlwapi

PathAppendA
AssocCreate
StrCmpW
PathRemoveBackslashW
PathQuoteSpacesW
UrlApplySchemeW
PathFindFileNameW
SHCreateStreamOnFileW
SHRegGetBoolUSValueA
PathStripPathW
StrStrIA
PathGetCharTypeW

setupapi

SetupScanFileQueueW
SetupDiOpenDevRegKey
SetupDiGetClassDescriptionW
SetupOpenAppendInfFileA

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1269aa676d1c53f5897be13126d5c77a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB