29e66da14be9d308fef402b068b5857b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29e66da14be9d308fef402b068b5857b_JaffaCakes118
Size

186KB
MD5

29e66da14be9d308fef402b068b5857b
SHA1

f8580880cdf066e5dd8952243180e99eb1e79e36
SHA256

15e119ee2f47ff28c6427a537b9c69976cb95949dc44fb7f87a4c98ec130ab59
SHA512

4c8bd90511cda67993f73a6fe62219c94a8579a2030efbc7178a74f05ccf5b4b0c6bc2955655c5e234e49d009dd1d3152482cf4c3f62b94189349db8da781f8e
SSDEEP

3072:ce6Up+RkaEAG7dQYOlgjZT5Ur8LDm9WmjMivEqW1/HSPqGn7XQ6ChX:cRRx9lgv5m3vFW1PSFn7XQ6C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e66da14be9d308fef402b068b5857b_JaffaCakes118

Files

29e66da14be9d308fef402b068b5857b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7c102ad572e739b8d8104b7c11e9322

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

gdiplus

GdipFree
GdipCreateBitmapFromFileICM
GdipGetImagePixelFormat
GdipDisposeImage
GdipCreateBitmapFromFile
GdipAlloc
GdipCloneImage

user32

DispatchMessageA
ReleaseDC
LoadCursorA
RegisterClassExA
GetClientRect
SendMessageTimeoutA
GetDlgItem
ReleaseCapture
MoveWindow
SetRect
EnumDisplayDevicesA
InvalidateRect
GetWindowTextLengthA
GetDesktopWindow
SetParent
RedrawWindow
DestroyWindow
CreateWindowExA
RegisterWindowMessageA
SetWindowLongA
MsgWaitForMultipleObjects
DrawTextA
ShowWindow
GetWindowRect
IsChild
CharNextA
DefWindowProcA
SendMessageA
wsprintfA
EndPaint
CopyRect
EqualRect
GetClassInfoExA
GetFocus
GetSysColor
FindWindowA
GetWindowTextA
CallWindowProcA
PeekMessageA
wvsprintfA
GetWindow
GetParent
GetActiveWindow
InvalidateRgn
UnregisterClassA
GetClassNameA
IsWindow
KillTimer
SetCapture
CreateAcceleratorTableA
SetFocus
SetTimer
BeginPaint
PostThreadMessageA
GetWindowLongA
PostMessageA
GetQueueStatus
CreateDialogParamA
SendNotifyMessageA
SetWindowTextA
DestroyAcceleratorTable
GetDC
FillRect
SetWindowPos

kernel32

MapViewOfFile
LocalFree
GetShortPathNameW
ReadFile
LocalAlloc
GlobalFree
GetProcessAffinityMask
CreateFileMappingA
GetTickCount
DisableThreadLibraryCalls
EnumResourceTypesA
GlobalAlloc
SetFilePointer
GetFileSize
WideCharToMultiByte
GetFileAttributesA
WriteFile
UnmapViewOfFile
Sleep
CreateFileW
CreateFileA
GlobalSize
CloseHandle

winmm

timeGetTime
timeSetEvent

version

GetFileVersionInfoSizeW
GetFileVersionInfoA
GetFileVersionInfoW
GetFileVersionInfoSizeA
VerQueryValueW
VerQueryValueA

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderPathW

advapi32

CryptAcquireContextA
RegDeleteValueA
RegEnumValueA
CryptCreateHash
CryptImportKey
CryptGetHashParam
CryptDestroyHash
RegCreateKeyExA
RegEnumKeyExA
CryptDestroyKey
CryptReleaseContext
CryptEncrypt
RegSetValueExA
RegOpenKeyExA
CryptHashData
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
RegDeleteKeyA

gdi32

GetObjectA
BitBlt
CreateCompatibleBitmap
DeleteDC
ExtEscape
SelectPalette
CreateSolidBrush
DeleteObject
CreateCompatibleDC
CreateDIBitmap
StretchDIBits
GetStockObject
SelectObject
RealizePalette
CreateDIBSection
CreateFontA
SetStretchBltMode
GetDeviceCaps
GetDIBits
SetBkMode

wininet

InternetOpenA
InternetReadFile
InternetOpenUrlA
InternetCloseHandle

ole32

OleInitialize
StgCreateDocfile
CreateStreamOnHGlobal
CoInitialize
StgOpenStorage
CoTaskMemRealloc
CoGetClassObject
CreateItemMoniker
StringFromGUID2
StgIsStorageFile
BindMoniker
CoTaskMemAlloc
CoCreateInstance
CLSIDFromProgID
CoSetProxyBlanket
CoTaskMemFree
CreateBindCtx
OleLockRunning
OleUninitialize
CoInitializeSecurity
GetRunningObjectTable
CoUninitialize
CLSIDFromString

shlwapi

PathFileExistsW
PathCombineW

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7c102ad572e739b8d8104b7c11e9322

Headers

File Characteristics

Imports

setupapi

gdiplus

user32

kernel32

winmm

version

shell32

advapi32

gdi32

wininet

ole32

shlwapi

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 71KB - Virtual size: 71KB

.tls Size: 1024B - Virtual size: 368KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 71KB - Virtual size: 71KB

.tls
Size: 1024B - Virtual size: 368KB