29ab7f1a137f070fd156b940c98cbbec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29ab7f1a137f070fd156b940c98cbbec_JaffaCakes118
Size

864KB
MD5

29ab7f1a137f070fd156b940c98cbbec
SHA1

3f3d7debfcdf2306e4c6db9222d67072a5fe3477
SHA256

5da11c57da5f7d669e90c0abd471d0772d46d682171a2fc1ede46185c02feceb
SHA512

3ccc34a90264ac3e7808f11f80b730bd392ee0aab67db2e0e0acd4f69283747e1891c5d1bab454ae8dabec4c615274fd4eb3b4d8520b2f43743833314e74f404
SSDEEP

24576:GLOW4DfJ8ck051wQQHBqSa/h90VQV7ibDtI7hJ:RW4GdqSovd7hJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ab7f1a137f070fd156b940c98cbbec_JaffaCakes118

Files

29ab7f1a137f070fd156b940c98cbbec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b7d49cbb884bacb299d4579201df695

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathStripToRootA
PathIsFileSpecA
StrChrIA
PathSearchAndQualifyA
SHCreateStreamWrapper
PathCommonPrefixA
PathRemoveBlanksA
PathAppendA
PathIsUNCA
ColorHLSToRGB
HashData
PathGetDriveNumberA
PathIsRelativeA
SHRegCreateUSKeyA
PathQuoteSpacesA
SHRegOpenUSKeyA
StrSpnA
UrlCombineA
StrCSpnA
StrToIntExA
PathFileExistsA
StrFormatByteSize64A
UrlIsOpaqueA
UrlGetLocationA
PathFindOnPathA
SHDeleteValueA
SHRegWriteUSValueA
SHAutoComplete
PathMakePrettyA
AssocQueryStringA

kernel32

lstrcat
GetLocalTime
IsBadHugeReadPtr
WritePrivateProfileStringA
SetLocalTime
GetCurrentProcessId
IsDBCSLeadByteEx
lstrcmp
CreateNamedPipeA
GetConsoleOutputCP
CreateFiber
GetPrivateProfileStructA
UTRegister
ReadConsoleA
GenerateConsoleCtrlEvent
GetTimeZoneInformation
FlushConsoleInputBuffer
CopyFileA
Module32First
GetWindowsDirectoryA
PurgeComm
IsBadReadPtr
WaitForSingleObject
GetPrivateProfileSectionNamesA
GetProcessHeaps
ResetEvent
SearchPathA
BackupSeek
WriteConsoleOutputAttribute
GetProcessAffinityMask
GlobalGetAtomNameA
EraseTape
InterlockedIncrement
SetCommMask
GetShortPathNameA
PrepareTape
VirtualQueryEx
LocalFree
CreateConsoleScreenBuffer
GetCurrentThreadId
lstrlen
WinExec
CreateMailslotA
FlushInstructionCache
SetSystemTime
LockFileEx
LoadLibraryA
SetTimeZoneInformation
GetComputerNameA
EnumResourceTypesA
ReadFileEx
SetEvent
AddAtomA
HeapCompact
FindAtomA
OpenEventA
UpdateResourceA
GetCPInfoExA
SetConsoleActiveScreenBuffer
GetTickCount

advapi32

GetSecurityDescriptorOwner

Sections

.buzgf
Size: 638KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jqn
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nevc
Size: 19KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pcbgp
Size: 512B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zsr
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtsxa
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jad
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ebmjw
Size: 49KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rcfqr
Size: 125KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b7d49cbb884bacb299d4579201df695

Headers

File Characteristics

Imports

shlwapi

kernel32

advapi32

Sections

.buzgf Size: 638KB - Virtual size: 1.3MB

.jqn Size: 6KB - Virtual size: 8KB

.nevc Size: 19KB - Virtual size: 27KB

.pcbgp Size: 512B - Virtual size: 21KB

.zsr Size: 6KB - Virtual size: 15KB

.qtsxa Size: 512B - Virtual size: 56B

.jad Size: 512B - Virtual size: 24B

.ebmjw Size: 49KB - Virtual size: 77KB

.rcfqr Size: 125KB - Virtual size: 1.7MB

.rsrc Size: 18KB - Virtual size: 20KB

.buzgf
Size: 638KB - Virtual size: 1.3MB

.jqn
Size: 6KB - Virtual size: 8KB

.nevc
Size: 19KB - Virtual size: 27KB

.pcbgp
Size: 512B - Virtual size: 21KB

.zsr
Size: 6KB - Virtual size: 15KB

.qtsxa
Size: 512B - Virtual size: 56B

.jad
Size: 512B - Virtual size: 24B

.ebmjw
Size: 49KB - Virtual size: 77KB

.rcfqr
Size: 125KB - Virtual size: 1.7MB

.rsrc
Size: 18KB - Virtual size: 20KB