29f40c083d821ff8f0eb6c27b928d237_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29f40c083d821ff8f0eb6c27b928d237_JaffaCakes118
Size

320KB
MD5

29f40c083d821ff8f0eb6c27b928d237
SHA1

4057d1ed0f7af4a23f9e3ac65feb8423aa702f9f
SHA256

0de75e1c9d17644a874ae33c7ddd187f66a4a4bd497671f453dd008c2619c61f
SHA512

4d9c08f6354d6ed2309a52b4ceda633836437bd6b0883d2d9bfef27bcbf2e05760aa92306cc4dc9763877b71922363b4abaf033c57abd0c68fa8cef0d8b53700
SSDEEP

6144:XH6hOu5cLXz12iv5It3L6pKU+Ht5I0SNPnkS7onJvvCaCYfluhTID:XHCjcH1VGt7Y+N5UL8nR67WWg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f40c083d821ff8f0eb6c27b928d237_JaffaCakes118

Files

29f40c083d821ff8f0eb6c27b928d237_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4e07541a52192497af930d381efcae1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
VirtualQueryEx
ScrollConsoleScreenBufferA
SetConsoleActiveScreenBuffer
SetThreadPriorityBoost
LoadLibraryExA
LocalFileTimeToFileTime
LoadLibraryExW
GetDriveTypeA
SetCommTimeouts
IsBadReadPtr
MoveFileExA
FreeEnvironmentStringsA
FindResourceExA
WritePrivateProfileStringA
SetLastError
RemoveDirectoryA
ReleaseSemaphore
GetPrivateProfileSectionW
GetModuleHandleA
TlsGetValue
SetupComm
PeekConsoleInputW
DeleteCriticalSection
ClearCommBreak
SetFileAttributesA
GetCurrentDirectoryW
SetHandleCount
ReleaseMutex
SetProcessWorkingSetSize
GetWindowsDirectoryA
GetLocaleInfoW
ReadDirectoryChangesW
SetThreadAffinityMask
EraseTape
GetPrivateProfileStringW
FormatMessageA
SetConsoleMode
_hread
VirtualLock
lstrcpyA
FindNextChangeNotification
GetLogicalDriveStringsA
GetDateFormatA
GetCPInfo
GlobalAddAtomA
GetConsoleCursorInfo
WriteConsoleOutputCharacterA
FreeLibraryAndExitThread
_lclose
SetConsoleOutputCP
FreeResource
EnumCalendarInfoW
GetComputerNameW
SetConsoleTitleA
OpenSemaphoreW
CreateWaitableTimerA
GetVolumeInformationW
CreateProcessA
EnumSystemCodePagesW
InitializeCriticalSection
CancelIo
IsDBCSLeadByteEx
GetSystemDirectoryW
GlobalGetAtomNameW
CreateDirectoryExA
OutputDebugStringA
RaiseException
GetUserDefaultLangID
GetSystemTimeAdjustment
GetAtomNameA
GenerateConsoleCtrlEvent
CreateFileW
GlobalFlags
EnumCalendarInfoA
GetVersionExA
VirtualProtect
CompareStringA
GetSystemInfo
WritePrivateProfileSectionW
GlobalReAlloc
GetPrivateProfileStringA
LocalSize
GetTempFileNameA
GetFileAttributesA
GetShortPathNameA
GetNumberFormatW
GetOverlappedResult
GetEnvironmentStringsW
GetDiskFreeSpaceExA
SetCommMask
GetThreadContext
SetThreadLocale
GetStartupInfoA
GlobalDeleteAtom
ReadConsoleInputW
lstrcatW
GetCommandLineA
lstrcmpiW
ExitProcess

user32

CopyAcceleratorTableW
SetClassLongW
IsMenu
GetAncestor
SetClassLongA
DrawTextW
SetRectEmpty
OemKeyScan
TrackPopupMenuEx
MonitorFromWindow
OpenDesktopW
IsCharAlphaNumericA
ChangeMenuA
GetClipboardData
LoadMenuIndirectW
CreateDialogParamA
SwapMouseButton
GetKeyboardLayoutNameA
ChangeDisplaySettingsExA
EnumDisplayDevicesW
GetWindowTextA
SetDlgItemInt
OpenInputDesktop

gdi32

CreateEllipticRgn
SetMetaFileBitsEx
CloseFigure
GetViewportExtEx
LineTo
StrokePath
CreateFontA
ExcludeClipRect

comdlg32

ChooseColorW
GetFileTitleA

advapi32

SetEntriesInAclW
PrivilegeCheck
DeregisterEventSource
RegisterEventSourceA
IsValidSecurityDescriptor
CryptGenKey
RegUnLoadKeyA
AdjustTokenPrivileges
LookupPrivilegeDisplayNameA
StartServiceW
RevertToSelf
GetAclInformation
GetLengthSid

shell32

FindExecutableA
ExtractIconA
SHGetPathFromIDListA

ole32

OleCreateMenuDescriptor

oleaut32

SafeArrayCreate
QueryPathOfRegTypeLi
SafeArrayGetElement
SysAllocStringLen
LoadTypeLibEx

shlwapi

StrFormatByteSizeA
UrlCreateFromPathW
PathGetArgsW
StrPBrkW
StrToIntW
PathAppendA
StrCmpNIA
PathAppendW
StrRetToBufW
UrlGetPartW

setupapi

SetupOpenAppendInfFileW
SetupScanFileQueueW
SetupDiSetSelectedDriverA
SetupDiGetDeviceRegistryPropertyA
SetupDiSetSelectedDriverW
SetupDiOpenDevRegKey
SetupScanFileQueueA
SetupFindNextLine

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4e07541a52192497af930d381efcae1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB