29ece2f30eff63dcdd12f8634f03aceb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29ece2f30eff63dcdd12f8634f03aceb_JaffaCakes118
Size

1.0MB
MD5

29ece2f30eff63dcdd12f8634f03aceb
SHA1

f5d0c6d0e561a3ccd412ebcbace972235641a3a9
SHA256

5c008ae3425e6d0a9bdd526318067b4bf566effc0e6017c7f4f9464b1be777ee
SHA512

38d77a0705893856145ba2862e48bdd3f3226aedb372249e10a14f613ac4ecb00b4bbb2eb13a75530bdea2e8ea84db8f8081953f64540afc7a0070f185f8dbbf
SSDEEP

6144:sc+QME1bHVjNBULjfIDY81ToPNlk07S6I4Z:H+QM8pXoj+5QSR0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ece2f30eff63dcdd12f8634f03aceb_JaffaCakes118

Files

29ece2f30eff63dcdd12f8634f03aceb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3a3d37426af2e53b8eeb52e69045a2ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
TerminateThread
CreateThread
SetCurrentDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetCurrentDirectoryA
CopyFileA
SetFileAttributesA
CreateDirectoryA
CreateFileA
WriteFile
CloseHandle
GetFileSize
DeleteFileA
SetFilePointer
ReadFile
lstrlenA
WaitForSingleObject
TerminateProcess
GetModuleFileNameA
GetLocalTime
CreateSemaphoreA
GetLastError
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetSystemTime
SystemTimeToFileTime
SetFileTime
GetVersionExA
MultiByteToWideChar
WideCharToMultiByte
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
HeapSize
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
ExitProcess
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCommandLineA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
RaiseException
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement

user32

PostMessageA
FindWindowA
EnumChildWindows
GetWindowRect
GetCursorPos
SetCursorPos
GetWindowTextA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
SendMessageA
IsWindowVisible
IsWindowEnabled
mouse_event
GetParent
DefWindowProcA
DestroyWindow
GetMessageA
WindowFromPoint
SetTimer
DispatchMessageA
TranslateMessage
GetClassNameA

shell32

ShellExecuteA
ShellExecuteExA
SHFileOperationA

wininet

InternetOpenUrlA
InternetCloseHandle
HttpQueryInfoA
InternetReadFile
InternetOpenA

ws2_32

gethostbyname
socket
htons
inet_addr
connect
closesocket
gethostname
WSAStartup
WSACleanup
recv
send
inet_ntoa

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3a3d37426af2e53b8eeb52e69045a2ab

Headers

File Characteristics

Imports

kernel32

user32

shell32

wininet

ws2_32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 1KB