29da9a272cd001992bece0d800274741_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29da9a272cd001992bece0d800274741_JaffaCakes118
Size

177KB
MD5

29da9a272cd001992bece0d800274741
SHA1

da26b0c5464f957dfe07b3a20788a50b11040ca1
SHA256

16dcd9e88d6f43a136ad205dac5c9ab2ba9b7a7b87ff97581cc879e77ef4b60c
SHA512

30c6dae3367d5735eaab9a88f9b01a7748fae24b191f113e1bdc14e704cc1530b6ab60ad70195876c6db960ca847e84bafed1810c3d13ae518350776fa6e4d4c
SSDEEP

3072:xOVEDH7Mn9qnL6Mb/DE+nE3CEhjBi7OxDYqMTHkSzG3:sVKgnQnL6eDPmCEBBixHTHfG3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29da9a272cd001992bece0d800274741_JaffaCakes118

Files

29da9a272cd001992bece0d800274741_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c6ccca3d2951018671d46f1b2af0eeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
GetClassLongA
UpdateWindow
InvalidateRect
SetFocus
ShowWindow
GetMessageA
wsprintfA
BeginPaint
GetWindowRect
DefWindowProcA
CreateWindowExA
MoveWindow
GetWindowLongA
PeekMessageA
DestroyWindow
MessageBoxA
CallWindowProcA
GetClientRect
EndPaint
ScreenToClient
IsWindow
OffsetRect
GetKeyState
GetFocus
ReleaseCapture
DispatchMessageA
SetWindowTextA
RegisterClassA
SendMessageA
TranslateMessage
LoadCursorA
SubtractRect
LoadIconA
SetWindowLongA
wvsprintfA
SetCapture

gdi32

CreateDIBSection
SelectObject
DeleteObject
BitBlt
SetStretchBltMode
StretchDIBits
CombineRgn
GetCurrentObject
SetDIBitsToDevice
DeleteDC
GetObjectA
CreateCompatibleDC
GetStockObject
CreateRectRgn
SetDIBColorTable
FillRgn
StretchBlt

comctl32

CreateToolbarEx

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

msvfw32

ICOpen
ICSendMessage
ICDecompress
ICClose

avifil32

AVIFileOpenA
AVIFileRelease
AVIFileGetStream
AVIStreamGetFrame
AVIFileCreateStreamA
AVIStreamRelease
AVIStreamGetFrameOpen
AVIFileInit
AVIStreamWrite
AVIStreamInfoA
AVISaveOptions
AVIStreamGetFrameClose
AVIStreamSetFormat
AVIMakeCompressedStream

kernel32

GlobalSize
QueryDosDeviceW
CreateFileMappingA
DisableThreadLibraryCalls
GetProcessId
WriteFile
MapViewOfFile
lstrlenA
ReadFile
CreateFileA
SetFilePointer
CloseHandle
LocalFree
EnumResourceTypesA
ExitProcess
UnmapViewOfFile
GetFileSize
GlobalAlloc
LocalAlloc
ProcessIdToSessionId
Sleep
GlobalFree

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c6ccca3d2951018671d46f1b2af0eeb

Headers

File Characteristics

Imports

user32

gdi32

comctl32

avicap32

msvfw32

avifil32

kernel32

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 64KB - Virtual size: 64KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 64KB - Virtual size: 64KB

.tls
Size: 1024B - Virtual size: 240KB