29e6baeb6fc6fd65171eeaa9c0c02119_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29e6baeb6fc6fd65171eeaa9c0c02119_JaffaCakes118
Size

241KB
MD5

29e6baeb6fc6fd65171eeaa9c0c02119
SHA1

9392b430c503bffacbac95f2248da6a359498b06
SHA256

55ec242560a4ebf66d5cd277499d682bd3d3a30393a88814e7f5099eff15c16e
SHA512

e0a17c9a631dd8ffb2d35665e6596d14f79a59b10c31c84f07b7f9b173a0c259c1498e3f0b761e443cf66e79754f3e24e4cffb07ad1b64cc3e11151dd7c6c492
SSDEEP

6144:WaAYsNfZ0vxBvIvq9KGjng2ioS+hIsy6Li2N:WaAYsf03vIi9KGjnI0Li2N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e6baeb6fc6fd65171eeaa9c0c02119_JaffaCakes118

Files

29e6baeb6fc6fd65171eeaa9c0c02119_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20a8d8626ddb7b221c3f10db1b4fe963

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\SYEOSP\MMCODGAOX\TTFEY\DDSB

Imports

shell32

Shell_NotifyIconA
SHBrowseForFolderA
ShellExecuteA
ShellExecuteExA
SHGetPathFromIDListA
SHEmptyRecycleBinA
ord155

user32

SystemParametersInfoA
ScrollWindow
EndPaint
DefWindowProcW
SendMessageTimeoutW
MessageBoxW
RegisterClassExW
GetScrollInfo
GetDlgItemInt
DispatchMessageW
BeginPaint
GetFocus
EnableWindow
SetMenuItemInfoW
SetRectEmpty
CreateWindowExW
GetMessageW
GetWindowRect
ShowWindow
GetSysColorBrush
RedrawWindow
GetActiveWindow
GetParent
RegisterClassW
DestroyWindow
GetDesktopWindow
LoadMenuW
GetClassNameW

winmm

waveOutGetDevCapsA
waveInUnprepareHeader
mixerGetNumDevs
waveInReset
PlaySoundA
waveInPrepareHeader
waveInAddBuffer
mixerOpen
mixerSetControlDetails
waveInStart
mixerClose
waveOutWrite
waveInOpen
waveOutUnprepareHeader
waveOutPrepareHeader
waveInGetNumDevs
waveInClose

ole32

OleSetClipboard
OleIsCurrentClipboard
GetClassFile
OleCreateStaticFromData
CoFreeUnusedLibraries
CoTaskMemFree
GetRunningObjectTable
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
OleDuplicateData
StgIsStorageILockBytes
StgCreateDocfileOnILockBytes

oleaut32

LoadTypeLi

kernel32

GetTimeZoneInformation
WriteFile
LCMapStringA
VirtualFree
QueryPerformanceCounter
SetEnvironmentVariableA
GetEnvironmentStringsW
VirtualProtect
FatalAppExitA
VirtualAlloc
HeapSize
InterlockedExchange
HeapDestroy
SetLastError
IsBadWritePtr
GetDateFormatA
GetLastError
GetStringTypeW
EnterCriticalSection
SetHandleCount
GetCommandLineW
GetCurrentProcess
DeleteCriticalSection
GetStartupInfoW
GetFileType
GetLocaleInfoA
WideCharToMultiByte
GetLocaleInfoW
VirtualQuery
GetCurrentThread
FlushFileBuffers
UnhandledExceptionFilter
GetTickCount
GetTimeFormatA
TlsAlloc
CloseHandle
GetVersionExA
GetCommandLineA
GetModuleHandleA
TlsFree
GetUserDefaultLCID
TlsGetValue
SetFilePointer
GetModuleHandleW
CompareStringA
InitializeCriticalSection
ReadFile
SetStdHandle
LoadLibraryA
CompareStringW
GetOEMCP
GetACP
MultiByteToWideChar
GetStdHandle
GetStartupInfoA
RtlUnwind
GetStringTypeA
OpenMutexW
GetModuleFileNameA
GetSystemInfo
HeapReAlloc
HeapCreate
FreeEnvironmentStringsW
GetModuleFileNameW
GetSystemTimeAsFileTime
HeapFree
GetProcAddress
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
IsValidCodePage
GetEnvironmentStrings
GetCPInfo
FreeEnvironmentStringsA
IsValidLocale
LCMapStringW
CreateMutexW
LeaveCriticalSection
HeapAlloc
ExitProcess
TlsSetValue

shlwapi

StrCpyW
PathFindExtensionW
PathIsUNCW
StrFormatByteSizeW
PathIsFileSpecW
PathFindFileNameW
StrCmpW
StrCmpIW

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20a8d8626ddb7b221c3f10db1b4fe963

Headers

File Characteristics

PDB Paths

Imports

shell32

user32

winmm

ole32

oleaut32

kernel32

shlwapi

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 85KB - Virtual size: 84KB

.data Size: 56KB - Virtual size: 70KB

.rsrc Size: 20KB - Virtual size: 20KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 85KB - Virtual size: 84KB

.data
Size: 56KB - Virtual size: 70KB

.rsrc
Size: 20KB - Virtual size: 20KB