29f69267b9ec950a0e765bed910c8d79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29f69267b9ec950a0e765bed910c8d79_JaffaCakes118
Size

97KB
MD5

29f69267b9ec950a0e765bed910c8d79
SHA1

78a169501c3afaf4875bef6e408f5b5e0d257e92
SHA256

e659f6d822670f094cf2dc84598506e3475f60ae21a40fc4b4a71a220cb2db18
SHA512

eb3ba434551f2b1977735ec0ac068bab1f7a167238db172a5a74fcad9a7eb0aae4db90d7160814c908a49394c1c70d9a9a5f154cb13952a81b7e0415034d9342
SSDEEP

1536:qG/UXPQF59ruoYFy3wb/QeaA/yYUoUl1kd9pOwrY+WE8PSxhGa4xrc6ZjV:qGcXPC9CfFy3wcoUMp70O8P4huRc6r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f69267b9ec950a0e765bed910c8d79_JaffaCakes118

Files

29f69267b9ec950a0e765bed910c8d79_JaffaCakes118
.dll windows:5 windows x86 arch:x86

810a63c3cc0e094527bb96b2b5ecde0f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

wcslen
strlen
_vsnprintf

shlwapi

StrRStrIW
StrFormatByteSizeA
StrRChrA
StrTrimA
StrToIntExA
StrCSpnIW
PathAppendW

shell32

ord685

kernel32

GetModuleHandleExA
LoadResource
ClearCommError
GetNamedPipeHandleStateA
GetCommProperties
SetFileTime
WaitNamedPipeW
FindResourceA
SetThreadPriority
GetProcessVersion
CreateEventW
OpenEventW
GetFileSize
SetCurrentDirectoryA
LoadLibraryW
CreateHardLinkA
FlushViewOfFile
DisconnectNamedPipe
GetTickCount
SleepEx
DosDateTimeToFileTime
FileTimeToDosDateTime
WideCharToMultiByte

user32

PostMessageW
RealGetWindowClassW
SetWindowRgn
TranslateMDISysAccel
DestroyIcon
ToUnicode
FindWindowA
GetDesktopWindow
RedrawWindow
ReleaseDC
SetCursorPos
GetForegroundWindow
IsDialogMessageA
GetClientRect
CharLowerBuffW
CharPrevExA
DialogBoxParamW
IsZoomed
GetWindowDC
GetWindowRect
ScreenToClient
InvertRect
ClientToScreen
MenuItemFromPoint
CreateAcceleratorTableW
DrawTextExW
SetScrollRange
TranslateMessage
MessageBoxA
LoadMenuW
GetAncestor
EnumPropsA
GetWindowTextW
PeekMessageW
GetWindowContextHelpId
GetAltTabInfoW
MapWindowPoints
UnregisterHotKey
GetPropW
DispatchMessageW
GetParent
GetDC
DrawFocusRect
LockWindowUpdate

gdi32

GetDIBColorTable
SetColorAdjustment
SetDIBits
SaveDC
PolyPolyline
PtInRegion
UpdateColors
GetTextColor
GetTextMetricsA
SetTextJustification
CreateBitmapIndirect
ScaleViewportExtEx
GetCharacterPlacementA
SetMapMode
GetBoundsRect
AddFontResourceA
GetBitmapBits
GetClipRgn
SetTextAlign

advapi32

GetLengthSid
InitializeSid
AreAllAccessesGranted
EqualPrefixSid

Exports

Exports

__DrawText@12
__ExtCreateRegion@12

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ecode
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orig_m
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s_data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ex_dat
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 874B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

810a63c3cc0e094527bb96b2b5ecde0f

Headers

File Characteristics

Imports

ntdll

shlwapi

shell32

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.ecode Size: 13KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 276B

.orig_m Size: 512B - Virtual size: 128B

.s_data Size: 3KB - Virtual size: 3KB

.ex_dat Size: 512B - Virtual size: 500B

.rsrc Size: 124KB - Virtual size: 124KB

.reloc Size: 1024B - Virtual size: 874B

.text
Size: 2KB - Virtual size: 1KB

.ecode
Size: 13KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 276B

.orig_m
Size: 512B - Virtual size: 128B

.s_data
Size: 3KB - Virtual size: 3KB

.ex_dat
Size: 512B - Virtual size: 500B

.rsrc
Size: 124KB - Virtual size: 124KB

.reloc
Size: 1024B - Virtual size: 874B