429814d294ad6db4cbcb342102a785ff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

429814d294ad6db4cbcb342102a785ff_JaffaCakes118
Size

574KB
MD5

429814d294ad6db4cbcb342102a785ff
SHA1

3e320e56fe3f2c48c49f356098bf688b5cc708b3
SHA256

82bc6110c5ee69edd46abb228b25d4bd7dd89352bb78fb56b84904769c8544bd
SHA512

62ee74948596794de56eb876bd365aac08faa7cb84910022531d97d2ec52b643eca8259a80037eb8ae8915a3c8fc84d9e0282016fb4cfb1643246920a9b158a5
SSDEEP

12288:o4fSk3Emn/w2eNTu01r0wx5TaP781Nevf5C9h/Jf3AKPNq2TYUQu4+o/yRxmt:o4fSkXn/yTuMt5TaP7QOhC91xQricUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
429814d294ad6db4cbcb342102a785ff_JaffaCakes118

Files

429814d294ad6db4cbcb342102a785ff_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5ce42bf5812460411050900a96d5fdfd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

version

VerInstallFileA
GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueW
VerInstallFileW
GetFileVersionInfoA
VerFindFileW
VerFindFileA
GetFileVersionInfoW

winmm

mixerMessage
mixerGetLineControlsA

comdlg32

PageSetupDlgW
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
CommDlgExtendedError

setupapi

SetupDiOpenDeviceInfoA
SetupDiGetDeviceInfoListDetailW
SetupDiDestroyDeviceInfoList
CM_Locate_DevNode_ExA
CM_Get_DevNode_Registry_PropertyW

kernel32

lstrcmpiW
lstrcmpA
WriteProfileStringW
VerLanguageNameW
VerLanguageNameA
UnregisterWait
SetLastError
SetCommConfig
RequestDeviceWakeup
OpenJobObjectW
HeapAlloc
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetStringTypeW
GetProcAddress
GetPrivateProfileSectionNamesW
GetNamedPipeHandleStateA
GetFileSize
GetDateFormatW
GetComputerNameW
GetCommandLineA
ExitProcess
EnumResourceNamesA
BackupWrite
CancelIo
ChangeTimerQueueTimer
CommConfigDialogW
CopyFileW
CreateFileA
CreateJobObjectW
CreateTimerQueueTimer
DeleteFileA
DeleteTimerQueueTimer
EndUpdateResourceW
EnumResourceLanguagesA

ntdll

DbgPrintReturnControlC
ZwPlugPlayControl
ZwImpersonateClientOfPort
ZwDeleteObjectAuditAlarm
ZwCreateTimer
ZwCreateIoCompletion
RtlpNtSetValueKey
RtlUpperChar
RtlSetUserFlagsHeap
RtlNtStatusToDosError
RtlNormalizeProcessParams
RtlLargeIntegerToChar
CsrClientConnectToServer
NtAlertResumeThread
NtCreateThread
NtPowerInformation
NtRegisterThreadTerminatePort
NtYieldExecution
RtlAppendStringToString
RtlConvertExclusiveToShared
RtlDelete
RtlEqualString
RtlFindMostSignificantBit
RtlFindSetBits
RtlImpersonateSelf
RtlInitializeCriticalSection
RtlInitializeHandleTable
RtlLargeIntegerArithmeticShift

user32

ShowCursor
SendMessageA
PostMessageA
OemToCharW
IsCharUpperA
GetDlgItem
EnableMenuItem
EmptyClipboard
DrawCaption
DialogBoxParamA
CreateIcon
UpdateWindow
CharLowerA
CharToOemA
CharToOemBuffA
CloseWindow
CreateDialogParamA

Sections

.text
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 464KB - Virtual size: 467KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ce42bf5812460411050900a96d5fdfd

Headers

File Characteristics

Imports

version

winmm

comdlg32

setupapi

kernel32

ntdll

user32

Sections

.text Size: 60KB - Virtual size: 60KB

.data Size: 464KB - Virtual size: 467KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 60KB - Virtual size: 60KB

.data
Size: 464KB - Virtual size: 467KB

.rsrc
Size: 48KB - Virtual size: 47KB