29e2e7ae3c33a586b7f60934a6853c8a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29e2e7ae3c33a586b7f60934a6853c8a_JaffaCakes118
Size

344KB
MD5

29e2e7ae3c33a586b7f60934a6853c8a
SHA1

f619ae319638602404da5daaf523580172a6b3e1
SHA256

bf96f9548caa598c7fec9cc8bf5fccae8ff1ba8f657aa8ff5dcdbeb644df90ee
SHA512

65fb444888a67bf082bad5bc5bac3d5f6dcba17926374a7c79420ba64d42071f3f96e966f4c0c9f2dfec32eb47dfa2349b51bececfdc71af9dd266940c842463
SSDEEP

6144:N+NRpJgfVnWfF6JPWz3Q1y/NniclL6oaV/fVBqhZ:NcRcflW96tTy/NniclubVB8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e2e7ae3c33a586b7f60934a6853c8a_JaffaCakes118

Files

29e2e7ae3c33a586b7f60934a6853c8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bee6e5ee0dc175081bda87398c233263

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

sendto
send
select
recvfrom
recv
ioctlsocket
setsockopt
htons
htonl
getsockname
gethostname
gethostbyname
connect
closesocket
shutdown
socket
inet_addr
bind
__WSAFDIsSet
WSAStartup
WSASetLastError
WSASend
WSARecv
WSAGetLastError
WSACleanup

kernel32

ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeResource
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExA
GetDriveTypeA
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileSize
GetFileType
GetFullPathNameA
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetVersionExA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFlags
GlobalFree
GlobalGetAtomNameA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDebuggerPresent
IsValidCodePage
IsValidLocale
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadResource
LocalAlloc
LocalFree
LocalReAlloc
LockResource
MapViewOfFile
MoveFileA
MulDiv
MultiByteToWideChar
OpenEventA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
RemoveDirectoryA
ResetEvent
ResumeThread
RtlUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesA
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SystemTimeToFileTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
EnumResourceLanguagesA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcmpW
lstrlenA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateThread
CreateProcessA
CreateMutexA
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
CreateDirectoryA
CopyFileA
ConvertDefaultLocale
CompareStringW
CompareStringA
CloseHandle
GetVersion
WriteConsoleA

user32

GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetForegroundWindow
GetKeyState
GetLastActivePopup
GetMenu
GetMenuCheckMarkDimensions
GetMenuItemCount
GetMenuItemID
GetMenuState
GetMessageA
GetMessagePos
GetMessageTime
GetNextDlgTabItem
GetParent
GetPropA
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMetrics
GetTopWindow
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowRect
GetWindowTextA
GetWindowThreadProcessId
GrayStringA
InflateRect
IsDialogMessageA
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapA
LoadCursorA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
MessageBoxW
ModifyMenuA
MoveWindow
OffsetRect
GetDC
PostMessageA
PostQuitMessage
PtInRect
RegisterClassA
RegisterWindowMessageA
ReleaseDC
RemovePropA
SendDlgItemMessageA
SendMessageA
SendMessageW
SetActiveWindow
SetCursor
SetFocus
SetForegroundWindow
SetMenuItemBitmaps
SetPropA
SetTimer
SetWindowLongA
SetWindowPos
SetWindowTextA
SetWindowsHookExA
ShowWindow
SystemParametersInfoA
TabbedTextOutA
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UpdateWindow
ValidateRect
WinHelpA
DrawTextW
DrawTextExA
DrawTextA
DrawIcon
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreateWindowExA
CreateDialogIndirectParamA
CopyRect
ClientToScreen
CheckMenuItem
CallWindowProcA
CallNextHookEx
BeginPaint
AdjustWindowRectEx
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExA
GetClassInfoA
GetCapture
GetActiveWindow
EndPaint
EndDialog
EnableWindow
PeekMessageA
EnableMenuItem

gdi32

ScaleWindowExtEx
SelectObject
SetBkMode
SetMapMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
TextOutA
SetBkColor
CreateBitmap
CreateCompatibleDC
CreateSolidBrush
DeleteDC
DeleteObject
Escape
ExtTextOutA
GetClipBox
GetDeviceCaps
GetObjectA
GetStockObject
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
SaveDC
ScaleViewportExtEx
BitBlt

advapi32

RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
InitializeSecurityDescriptor
RegEnumValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryValueA
RegQueryValueExA
RegSetValueExA
SetSecurityDescriptorDacl
RegEnumKeyA

shell32

Shell_NotifyIconA
Shell_NotifyIconW
ShellExecuteA

oleaut32

VariantChangeType
VariantClear
VariantInit

winspool.drv

DocumentPropertiesA
ClosePrinter
OpenPrinterA

shlwapi

PathFindFileNameA
PathFindExtensionA
SHDeleteKeyA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

Win32MiniDumpInit

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bee6e5ee0dc175081bda87398c233263

Headers

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

advapi32

shell32

oleaut32

winspool.drv

shlwapi

version

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 80KB - Virtual size: 2.4MB

.idata Size: 12KB - Virtual size: 12KB

.rsrc Size: 36KB - Virtual size: 36KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 80KB - Virtual size: 2.4MB

.idata
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 36KB - Virtual size: 36KB