29f9edd773ba9e55a7dfc9149e0b7c32_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29f9edd773ba9e55a7dfc9149e0b7c32_JaffaCakes118
Size

262KB
MD5

29f9edd773ba9e55a7dfc9149e0b7c32
SHA1

a2f233db9d2f4fdbe93c67821c5e4854416c8e02
SHA256

e92dcde1d79615066606109d1d6326f30faefc18c4d3c649ab8abb3c21a52712
SHA512

3b5e1c00fc5082e147a82b99673ad54c410e326726e5308d45b9e7af9f57ec65b4e4fc91aa0f1dbd0fb1f68a579302fc5fa4e02ff7ad3b77aedf254258fc26a5
SSDEEP

6144:8ZfrnpNAgXuZTtD6uzhVaeco8pq21L0dEsEVA8pAdCHTn:8ZfrXiBDCW21GtUpAdGD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f9edd773ba9e55a7dfc9149e0b7c32_JaffaCakes118

Files

29f9edd773ba9e55a7dfc9149e0b7c32_JaffaCakes118
.dll windows:1 windows x86 arch:x86

6e0181896869256889716d34b847322b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ConnectNamedPipe
EnumResourceTypesA
EnumSystemCodePagesA
EscapeCommFunction
ExitProcess
ExitThread
FindFirstFileExW
FindNextFileW
GetCommMask
GetCommState
GetConsoleAliasesA
GetCurrencyFormatW
GetCurrentConsoleFont
GetDevicePowerState
GetDiskFreeSpaceExA
GetFileSize
GetModuleFileNameA
GetNumberOfConsoleFonts
GetPrivateProfileStructW
GetTapeStatus
GetVolumeInformationA
GlobalSize
GlobalUnfix
IsBadWritePtr
LoadLibraryA
MoveFileWithProgressW
QueryPerformanceCounter
RtlZeroMemory
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetErrorMode
SetLastError
SetNamedPipeHandleState
SetVDMCurrentDirectories
SetWaitableTimer
Sleep
TlsGetValue
VDMConsoleOperation
VirtualProtect
WaitForMultipleObjects
WriteConsoleOutputW
WriteFileEx
_hread
_lclose
_lwrite
lstrcmpA
lstrcmpiA

user32

AttachThreadInput
CharUpperBuffA
CheckDlgButton
CheckRadioButton
CreateAcceleratorTableA
DdeSetUserHandle
DefWindowProcA
DestroyWindow
EditWndProc
EnumDesktopsA
FillRect
GetAltTabInfoA
GetClassWord
GetMenuInfo
GetMenuState
GetScrollRange
GetTitleBarInfo
InsertMenuW
LoadIconA
MessageBeep
MessageBoxIndirectA
ModifyMenuW
OpenClipboard
ReleaseCapture
SendMessageTimeoutW
SetMessageQueue
SetProcessWindowStation
SetWindowContextHelpId
SetWindowLongA
SwapMouseButton
ToUnicode
TranslateAcceleratorA
wvsprintfA

gdi32

CreateDIBPatternBrush
CreateHalftonePalette
DeleteEnhMetaFile
EnumICMProfilesW
ExtCreateRegion
FillPath
GdiComment
GetBitmapBits
GetClipRgn
GetMiterLimit
GetPath
GetPixel
GetPixelFormat
GetRandomRgn
GetTextFaceA
GetTextFaceW
GetWindowExtEx
SelectBrushLocal
SelectFontLocal
SetDeviceGammaRamp
SetICMProfileA
SetMetaRgn
StartPage

comctl32

DrawStatusTextA
FlatSB_EnableScrollBar
FlatSB_SetScrollPos
ImageList_Draw
ImageList_GetImageCount
ImageList_Remove
ImageList_ReplaceIcon
InitializeFlatSB

shell32

DragAcceptFiles
SHFileOperationA

advapi32

BuildTrusteeWithNameA
ChangeServiceConfigW
ControlService
ConvertAccessToSecurityDescriptorA
CreateServiceA
ElfBackupEventLogFileW
ElfOpenEventLogA
EnumDependentServicesA
LsaLookupPrivilegeValue
OpenServiceA
RegLoadKeyA
RegisterEventSourceA
ReportEventA
SetSecurityDescriptorGroup

msvcrt

_c_exit
_dup2
_execl
_execlpe
_fcloseall
_fgetwchar
_getdcwd
_heapadd
_spawnle
_spawnvp
_unloaddll
_wopen
fmod
rand
wcscmp
wcstol
wcsxfrm

Exports

Exports

FdWeCefmkc
KTzwbvPWhPvxhxjcHU
Myzioiuc
QxFtVaiZqVxg
SBOyyrpap
UjiujupeocT
WikdfpBsfHw

Sections

.text
Size: 6KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e0181896869256889716d34b847322b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

shell32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 661KB

.data Size: 248KB - Virtual size: 256KB

.edata Size: 512B - Virtual size: 206B

.rdata Size: 2KB - Virtual size: 7KB

BSS Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 796B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 661KB

.data
Size: 248KB - Virtual size: 256KB

.edata
Size: 512B - Virtual size: 206B

.rdata
Size: 2KB - Virtual size: 7KB

BSS
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 796B

.reloc
Size: 1KB - Virtual size: 1KB