29392aade5f3147992d46eaed7ec03fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29392aade5f3147992d46eaed7ec03fc_JaffaCakes118
Size

108KB
MD5

29392aade5f3147992d46eaed7ec03fc
SHA1

9185003b37ecaf6472fc0e78d4c1fe0c79c752bc
SHA256

0a9472cc1c35e2cbc7013506ecc95bed953750f4f24062376146b6d5ccbe935e
SHA512

ac1148956c64fd7272b1a71e2f23241b01591ecf1d5037ce8f63183025650f2d5e1876a2d24ca6c1d23638fba8e452a9b84c81053c675d9e2f229a5f7a1d8ac7
SSDEEP

1536:WYvfyXrFIZ7Jiul4OvzxEfI2agmmQ7pU2s5sVdzmh:WYXyMJ3txEQbgcsCD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29392aade5f3147992d46eaed7ec03fc_JaffaCakes118

Files

29392aade5f3147992d46eaed7ec03fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

431b1ad4e2b7ba00e405b70f47d8f68c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyA
RegEnumKeyA

comctl32

ImageList_Destroy
ImageList_GetBkColor
ImageList_Read
ImageList_DrawEx
ImageList_DragShowNolock
ImageList_Write
ImageList_Create
ImageList_Draw
ImageList_Remove
ImageList_Add

version

GetFileVersionInfoSizeA
GetFileVersionInfoA

msvcrt

memcpy
memmove
strncmp
pow

shlwapi

SHQueryInfoKeyA

gdi32

GetDIBits
SetBkMode
SetTextColor
CreatePalette
CreateDIBSection
GetPaletteEntries
CreatePenIndirect
CreateCompatibleDC
CreateCompatibleBitmap

user32

DefMDIChildProcA
EqualRect
CreateMenu
SetTimer
GetSysColor
GetMessagePos
GetSubMenu
GetCursor
BeginDeferWindowPos
ShowWindow
FrameRect
SystemParametersInfoA
GetDlgItem
GetKeyNameTextA
IsDialogMessageA
GetCapture
ClientToScreen
CheckMenuItem
CharToOemA
GetMenuItemInfoA
GetParent
DefWindowProcA
GetScrollPos
MessageBoxA
EndPaint
GetClassLongA
CharLowerA
HideCaret
GetForegroundWindow
GetClientRect
CharLowerBuffA
CreatePopupMenu
GetDC
GetScrollInfo
DispatchMessageW
GetCursorPos
GetWindow
GetClassInfoA
GetIconInfo
GetClipboardData
GetMenuItemID
GetPropA
EnumWindows
IsMenu
FillRect
ShowScrollBar
EnableMenuItem
CreateWindowExA
FindWindowA
RegisterClassA
CreateIcon
EnumChildWindows
EndDeferWindowPos
IsWindowEnabled
TrackPopupMenu
GetFocus
DrawMenuBar
EnableScrollBar
SetWindowPos
DrawTextA
GetMenuState
SetWindowTextA
DefFrameProcA
GetSysColorBrush
DeferWindowPos
CharNextA
GetKeyState
SetCursor
DrawIconEx

oleaut32

SysFreeString
VariantChangeType
SafeArrayGetElement
GetErrorInfo
SafeArrayUnaccessData

shell32

DragQueryFileA
SHGetDesktopFolder
SHGetFolderPathA
SHGetSpecialFolderLocation

comdlg32

FindTextA
GetFileTitleA
GetSaveFileNameA

kernel32

Sleep
GetModuleHandleA
LoadLibraryExA
ExitThread
LoadLibraryA
ExitProcess
LocalAlloc
VirtualAlloc

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.init
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

431b1ad4e2b7ba00e405b70f47d8f68c

Headers

File Characteristics

Imports

advapi32

comctl32

version

msvcrt

shlwapi

gdi32

user32

oleaut32

shell32

comdlg32

kernel32

Sections

.text Size: 51KB - Virtual size: 50KB

.init Size: 4KB - Virtual size: 3KB

.edata Size: 49KB - Virtual size: 49KB

.data Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.text
Size: 51KB - Virtual size: 50KB

.init
Size: 4KB - Virtual size: 3KB

.edata
Size: 49KB - Virtual size: 49KB

.data
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB