29e1a9efb7dd818d00be40d73ec29786_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29e1a9efb7dd818d00be40d73ec29786_JaffaCakes118
Size

517KB
MD5

29e1a9efb7dd818d00be40d73ec29786
SHA1

fbdbd02ca354ee9bf48d6ecbf32c6bfb77a5d44f
SHA256

e3e28d0e168b1e760f29f7513187b722951cad721dc8c8f0ff01d6c93c75b004
SHA512

9c23bc5d4ead66cd761fb6c4344973d1c40ad24f1b7ac9c62d25fa8d9959491ec8edb1cc3e39add1b457ed731b1689bd94a75cf3f45d4baa8cb760799ad7d66b
SSDEEP

12288:BkPvynd8XAb8H7kHfyJ+hulgYCnlQr0ZVUD:7d8Xyuk/Hhaz+QAZKD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e1a9efb7dd818d00be40d73ec29786_JaffaCakes118

Files

29e1a9efb7dd818d00be40d73ec29786_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1eda46acbe140b3218cc483c82c772ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
CryptContextAddRef
LogonUserW
RegQueryValueA
RegQueryMultipleValuesA
RegQueryInfoKeyW
InitiateSystemShutdownA
CryptExportKey

comdlg32

GetSaveFileNameA
GetOpenFileNameW
PageSetupDlgA
ChooseColorW

shell32

ShellExecuteEx
SHAddToRecentDocs
DoEnvironmentSubstW
ShellExecuteA
ShellHookProc

kernel32

UnmapViewOfFile
InitializeCriticalSection
WideCharToMultiByte
EnumSystemLocalesA
GetCurrentThreadId
ExitProcess
GetLocaleInfoW
GetProcAddress
InterlockedDecrement
VirtualAlloc
HeapCreate
SetUnhandledExceptionFilter
WriteConsoleW
LCMapStringW
LCMapStringA
TerminateProcess
GetCurrentProcess
OpenMutexA
GetCurrentThread
QueryPerformanceCounter
MultiByteToWideChar
SetHandleCount
GetStdHandle
SetFilePointer
GetTickCount
GetSystemInfo
IsValidCodePage
CompareStringW
GetCommandLineA
DeleteCriticalSection
IsValidLocale
UnhandledExceptionFilter
HeapAlloc
CreateFileW
GetCurrentProcessId
TlsSetValue
IsDebuggerPresent
TlsAlloc
SetEnvironmentVariableW
VirtualFree
InterlockedExchange
InterlockedIncrement
SetConsoleCtrlHandler
SetConsoleMode
GetTimeZoneInformation
GetModuleHandleA
GetSystemTimeAsFileTime
LoadLibraryA
GetConsoleMode
GetStringTypeA
GetCPInfo
GetFileType
GetConsoleCP
CloseHandle
GetStringTypeW
LocalHandle
GetModuleFileNameA
GetProcessHeap
GetUserDefaultLCID
GetTimeFormatA
GetCalendarInfoW
GetEnvironmentStringsW
HeapFree
LeaveCriticalSection
GetEnvironmentStrings
WriteConsoleA
GetDateFormatA
GetOEMCP
GetStartupInfoA
GetVersionExA
ReadFile
GetConsoleOutputCP
FreeLibrary
SetSystemTime
GetLastError
FindFirstFileExW
CreateMutexA
GetFileAttributesExA
ConnectNamedPipe
HeapReAlloc
CompareFileTime
SetStdHandle
GetLocaleInfoA
HeapDestroy
SetComputerNameA
VirtualQuery
FreeEnvironmentStringsW
SetEndOfFile
WriteFile
FlushFileBuffers
Sleep
CreateFileA
HeapSize
TlsFree
GetACP
TlsGetValue
SetLastError
lstrcmp
EnterCriticalSection
CompareStringA
FreeEnvironmentStringsA
RtlUnwind
SetEnvironmentVariableA

wininet

FindFirstUrlCacheGroup
InternetQueryDataAvailable

comctl32

ImageList_LoadImageW
ImageList_GetIcon
CreateToolbarEx
DrawStatusTextA
ImageList_SetFilter
ImageList_BeginDrag
ImageList_Write
ImageList_AddMasked
ImageList_SetOverlayImage
CreatePropertySheetPage
CreatePropertySheetPageW
MakeDragList
InitCommonControlsEx
ImageList_SetDragCursorImage

user32

MessageBoxA
RegisterClassA
EndDialog
EnumPropsExW
DefWindowProcA
UnregisterHotKey
OemKeyScan
DestroyWindow
LoadAcceleratorsA
ShowWindow
CreateWindowExW
UnregisterDeviceNotification
RegisterClassExA
RegisterWindowMessageA
GetComboBoxInfo
ValidateRgn

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 213KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1eda46acbe140b3218cc483c82c772ec

Headers

File Characteristics

Imports

advapi32

comdlg32

shell32

kernel32

wininet

comctl32

user32

Sections

.text Size: 182KB - Virtual size: 182KB

.rdata Size: 213KB - Virtual size: 232KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 182KB - Virtual size: 182KB

.rdata
Size: 213KB - Virtual size: 232KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 14KB - Virtual size: 14KB