29f315955a75d74215fc8f618f25e67c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29f315955a75d74215fc8f618f25e67c_JaffaCakes118
Size

332KB
MD5

29f315955a75d74215fc8f618f25e67c
SHA1

ca6b43c759aa673daf56ee0a2f13d12b894b0329
SHA256

1d722ae2fc367aa5c585dd3c816e3069c4c5162d87f01676e71c1104ed790c2d
SHA512

c0d5119a685ceb4d00cfeaab76689b88af61d0fbb45c0458a3ff1d9a1622403bb414264e57c9958f7aac64c2cb17d99247246a19a40874d9bc58bc5109fa9119
SSDEEP

6144:5oAb9FmngeQ6Ks15DHmiUH7Pwwtxu3rkkVzcvp9ayMy0WS6V1MY1:5hbrmngeQ6KsbmiUHVpkmvpJMy0WS6fb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f315955a75d74215fc8f618f25e67c_JaffaCakes118

Files

29f315955a75d74215fc8f618f25e67c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0919702058e9a3217df60badc5fe57f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchangeAdd
GetProcessWorkingSetSize
IsBadStringPtrA
AddAtomA
HeapFree
FindFirstFileA
EnumCalendarInfoA
SetProcessAffinityMask
GetSystemDirectoryA
DeleteFileW
WriteProfileStringA
TransactNamedPipe
GetFileAttributesW
UnmapViewOfFile
LocalUnlock
lstrcatA
GlobalUnlock
GlobalGetAtomNameW
lstrcmpiW
GetCommandLineA
SetConsoleTextAttribute
BackupRead
PeekConsoleInputA
CreateFileW
IsDebuggerPresent
GetThreadTimes
SetThreadExecutionState
GetShortPathNameA
GetModuleFileNameA
ExitProcess
_hread
CreateMutexW
FreeEnvironmentStringsW
GlobalCompact
GetNumberOfConsoleInputEvents
ReadConsoleInputW
SetThreadPriority
SetConsoleTitleA
GetNumberFormatA
MoveFileExA
GlobalAddAtomW
GetVersionExA
lstrlenA
VirtualProtect
GetSystemDefaultLCID

user32

GetUserObjectInformationA
DefFrameProcA
CreateWindowExW
LoadIconW
GetSystemMetrics
GetWindowRgn

gdi32

DeleteMetaFile
GetDeviceCaps
RectInRegion
StretchBlt
GetBitmapBits
EnumFontFamiliesExA
SetTextJustification
CreateFontW
GetCharacterPlacementW
CreateMetaFileA
CreateDIBPatternBrushPt
GetBkColor
SetMetaFileBitsEx
TextOutW
Pie
ExtCreatePen
CreateBrushIndirect
LineDDA
OffsetClipRgn

comdlg32

FindTextA

advapi32

ObjectDeleteAuditAlarmW
CryptAcquireContextA
EnumServicesStatusA
CryptSetKeyParam
RegEnumKeyA
RegSetValueExW
FreeSid
OpenSCManagerW
AllocateLocallyUniqueId
RegGetKeySecurity
IsValidSecurityDescriptor
GetFileSecurityW
InitializeAcl
GetSidLengthRequired

shell32

SHGetFileInfoA
DragAcceptFiles
DuplicateIcon
SHGetSettings
SHGetMalloc

ole32

CLSIDFromProgID
OleLoadFromStream
OleFlushClipboard
CoTaskMemAlloc

oleaut32

DispGetIDsOfNames
LoadTypeLi
SafeArrayCreateVector
SafeArrayGetLBound
VariantChangeType
SysStringLen
SafeArrayPutElement

comctl32

ImageList_GetImageCount
ImageList_GetImageInfo

shlwapi

PathFindExtensionW
SHOpenRegStream2W
PathIsFileSpecA
PathIsFileSpecW
PathIsNetworkPathW
PathFileExistsW
StrCmpNA
StrTrimW
PathRemoveExtensionW
UrlCombineW
SHRegQueryUSValueW
PathFindFileNameA
PathIsRootA
PathUndecorateW
UrlCreateFromPathW
PathIsDirectoryA
StrFormatKBSizeW
PathAppendA

setupapi

SetupOpenAppendInfFileW
SetupGetTargetPathW
SetupDiGetDeviceInstallParamsA
SetupDiGetClassDevsExA
SetupDiSetDeviceRegistryPropertyA

Sections

.text
Size: 296KB - Virtual size: 294KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a0919702058e9a3217df60badc5fe57f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 294KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 28KB - Virtual size: 25KB

.text
Size: 296KB - Virtual size: 294KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 28KB - Virtual size: 25KB