29e56b58fb87104b22bac9a9b160faa2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29e56b58fb87104b22bac9a9b160faa2_JaffaCakes118
Size

50KB
MD5

29e56b58fb87104b22bac9a9b160faa2
SHA1

98d580930456fee930d72ac565f3a51dc77042b5
SHA256

80481951ef8952c873acc69482f63c47b613d020422cb2e35c1f939210621da9
SHA512

6b8a39240da29a6d02301606b1ad38e8dda28b4389f81be808deb2a17522a3b6111a1e3a3889fdf1548eef20d4fb79363e6716536493991f58468eccc4216b68
SSDEEP

768:aKSaYAuYetbByOChcJ7nIWNY7aUzraQJokADRqIk3HSHD4kmZpuWRWx0AVlAgJ:/NgK+5IWmjJokAdI3y0buZyAVlx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e56b58fb87104b22bac9a9b160faa2_JaffaCakes118

Files

29e56b58fb87104b22bac9a9b160faa2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5b6c35cd33c02b3cbcd1534c59f7ceca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AllocateAndInitializeSid
CloseServiceHandle
ControlService
FreeSid
RegDeleteValueA
RegEnumKeyExA
RegQueryValueA
RegSetValueExA
SetServiceStatus
StartServiceCtrlDispatcherA

kernel32

CloseHandle
CompareStringA
CopyFileA
CreateFileMappingA
CreateThread
DeleteCriticalSection
DeviceIoControl
DisableThreadLibraryCalls
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindClose
FindFirstFileA
FindNextFileA
FindResourceA
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibrary
GetCPInfo
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetEnvironmentStringsA
GetEnvironmentVariableA
GetExitCodeProcess
GetFileAttributesA
GetFileSize
GetFullPathNameA
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleHandleA
GetPrivateProfileSectionA
GetPrivateProfileSectionNamesA
GetProcessHeap
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetSystemTime
GetTempPathA
GetThreadLocale
GetThreadTimes
GetTickCount
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalReAlloc
GlobalUnlock
HeapDestroy
HeapFree
HeapReAlloc
InterlockedDecrement
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LockResource
MulDiv
OpenEventA
OpenProcess
QueryPerformanceCounter
RaiseException
ReadProcessMemory
ResumeThread
SetCurrentDirectoryA
SetEndOfFile
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TlsAlloc
TlsGetValue
UnhandledExceptionFilter
WritePrivateProfileStringA
lstrcmpA
lstrcpynA

user32

CreatePopupMenu
CreateWindowExA
EndDialog
EnumChildWindows
ExitWindowsEx
FindWindowA
GetCapture
GetDlgItem
GetKeyState
GetParent
GetSubMenu
GetSystemMetrics
IsChild
IsWindow
IsWindowVisible
KillTimer
LoadStringA
MessageBoxA
OffsetRect
PeekMessageA
RegisterClassA
RegisterClassExA
SendMessageA
SetCapture
SetRect
SetWindowLongA
SetWindowTextA
SystemParametersInfoA
TranslateMessage
WinHelpA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 12KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b6c35cd33c02b3cbcd1534c59f7ceca

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 16KB - Virtual size: 20KB

.INIT Size: 12KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 16KB - Virtual size: 20KB

.INIT
Size: 12KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB