29e421865ea4c32c49ea49c98bfc9e38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29e421865ea4c32c49ea49c98bfc9e38_JaffaCakes118
Size

130KB
MD5

29e421865ea4c32c49ea49c98bfc9e38
SHA1

ecfde19f2e1274f6fbde6f9c31ce5ccb66b33f84
SHA256

7ec2cb0ca36acaffecc447ee0345d02bb2d584264a2bf775b39df4e86c7b06d0
SHA512

c6931252d1d60b9b3a5f78f063dd99d66293b3fa2c2cd84c705962f6a2b6a3bd7266caedb4c5b331fb0066375253560fe1077b80176b25c5f0b2ae2f8899851f
SSDEEP

1536:vDfRe4+2wf/muyN0gQIMS0opx2mYdceK//qI/xgE2KmzZgNtchUFKYH3Xx14m+BD:Vk2wGuGQK0cOk/ZgE2yNdVnx14mIA7+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e421865ea4c32c49ea49c98bfc9e38_JaffaCakes118

Files

29e421865ea4c32c49ea49c98bfc9e38_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ce5d4cb191c6dd42f26228aff9fc06c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
LoadLibraryA
EnterCriticalSection
EnumCalendarInfoA
ExitProcess
DeleteFileA

user32

DefWindowProcA
PostQuitMessage
IsMenu
PostMessageA
IsWindowUnicode
SetRect
GetCursorPos
GetWindowTextA
EnumChildWindows
DestroyIcon
AdjustWindowRectEx
EnableScrollBar
IsDlgButtonChecked
EndDialog
GetWindowLongW
ReleaseCapture
SetParent
SendMessageA
GetKeyboardType
IsCharUpperA
ChildWindowFromPoint
SetMenu
GetDC
IsChild
GetDCEx
DispatchMessageA
DrawFrameControl
EnumThreadWindows
MoveWindow
CreatePopupMenu
GetWindowLongA
InflateRect
MsgWaitForMultipleObjects
WindowFromPoint
SetClipboardData
DrawIconEx
GetWindowTextLengthA
GetActiveWindow
GetCapture
MapWindowPoints
GetLastActivePopup
SendMessageW
CharUpperA
GetDesktopWindow
GetClientRect
CharNextA
FillRect
TranslateMessage
EnableWindow
GetSubMenu
GetMenu
KillTimer
IsZoomed
SetPropA
DrawIcon
GetMessagePos
IsCharLowerA
InsertMenuA
DestroyCursor
EnableMenuItem
LoadCursorA

Exports

Exports

ZjWvfIoaSOa
U2jAf8H7
uv8n8e@4
sLrftH@12
sjbLhv7rG
wyvJX9VFPr
_K1NIhstbG4LEZ@12
_cZvQ16

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

8ce5d4cb191c6dd42f26228aff9fc06c

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 109KB - Virtual size: 237KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 109KB - Virtual size: 237KB

.rsrc
Size: 5KB - Virtual size: 4KB