29e11362820e966e4c47eafad2b02d7b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29e11362820e966e4c47eafad2b02d7b_JaffaCakes118
Size

4.0MB
MD5

29e11362820e966e4c47eafad2b02d7b
SHA1

ace076ecf5430917f7bda2aa721c17264c1a4887
SHA256

fc29da1bc1261592abfe59e8b8204f64035be7eacb638213deb837109e43a8d3
SHA512

4457c5af7cb96ea895bfc2fb2981a598e1f9c7d430727cc7faaf77cf5ab3f2e88fde5a0db2aff4fd7c1fb0fc11321580fe06c750e746c706590d3e48391a0afc
SSDEEP

98304:q08i5/1C4QXog3KZoCVd3mZxycNrA0mK/yBIG2KjJNCUYqG4f19R:B8i5/3QXoGoV9mZxy6rjmK/yBFNLzGa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e11362820e966e4c47eafad2b02d7b_JaffaCakes118

Files

29e11362820e966e4c47eafad2b02d7b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ff92cf0210830b5043d2e92c88261a45

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteTimerQueue
GetDevicePowerState
GetExitCodeThread
GetLocaleInfoA
VirtualAlloc
PeekConsoleInputA
GetVolumeInformationA
GetSystemWindowsDirectoryA
CreateEventA
PeekNamedPipe
SetSystemTimeAdjustment
GetLastError
GetTimeZoneInformation
GetConsoleTitleA
QueryInformationJobObject
ExitThread

user32

IsCharUpperA
ToAsciiEx
GetParent
EnumDisplaySettingsA
PostThreadMessageW
GetProcessWindowStation
BlockInput
PostThreadMessageA
InSendMessageEx
SetCaretBlinkTime
RegisterUserApiHook
AllowForegroundActivation
SetShellWindow
DrawEdge

Exports

Exports

Orokwbek
IsFqntpuhyq
Lpnxskc
AddMfhneam
AddHmytjmt
InitNjellsifiw
Gmyjnrsqf
ReadFjuiubinv
Pxehjenfl
Ecnvdlxjule
CreateOxnebkptyp
Npeqkxijq
CreateSjhnftpu
Ceugwwrk
SetLwkbetvocf
Gwwntfbnlnl
InitJuerfcstnr
ReadEakcyjccd
EndCyuiiifv
Ueordjmp

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 788KB - Virtual size: 787KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ