29ba816002f8e41912430a99a686b277_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29ba816002f8e41912430a99a686b277_JaffaCakes118
Size

1.4MB
MD5

29ba816002f8e41912430a99a686b277
SHA1

ac77ccbd627b41fb57b5d590d8277aed0acca09d
SHA256

6797804a068d72423de8070d47a20dd7ec0d6621f710437b7aabd5d112c86e1a
SHA512

0a52d727d91036cbe007350cd40841c8782eadd4cd8a2bf817c37f96e0f87e2224b08a69e792c93b233054c490c0c8ad6dabd0680bb4c14d54f8d77537eb6cd1
SSDEEP

24576:V1u8jMc2W4X1WAP5GHy+1QwgsxWjDhCwz/aIGPHwLdN4ANkNKmxmfChyiMAEcgQk:/u8jL2WYP5GHyhwX8HhCwz/aIGvwnIKZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ba816002f8e41912430a99a686b277_JaffaCakes118

Files

29ba816002f8e41912430a99a686b277_JaffaCakes118
.exe windows:4 windows x86 arch:x86

889fbee40ab5c3991ffd20511038ed7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\rczip_build 2.1\rczip_build 2.1 Chs\trunk\bin\Win32\release\pdb\HaoZip7zSetup.pdb

Imports

comctl32

InitCommonControlsEx

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHBrowseForFolderW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
SHGetMalloc

kernel32

SetCurrentDirectoryW
CreateProcessW
GetCurrentDirectoryW
LocalFree
WaitForSingleObject
SetFileApisToOEM
SetPriorityClass
SetThreadPriority
GetLastError
GetEnvironmentVariableW
GetCurrentProcess
GetCurrentThread
GetCommandLineW
GetFileAttributesW
FormatMessageW
GetModuleHandleW
FindResourceW
SetFileAttributesW
RemoveDirectoryW
CreateDirectoryW
DeleteFileW
InterlockedIncrement
InterlockedDecrement
FindFirstFileW
FindClose
FindNextFileW
FileTimeToSystemTime
SetFileTime
SetEndOfFile
WriteFile
GetFileSize
ReadFile
CreateFileW
SetFilePointer
GetCurrentThreadId
ResumeThread
Sleep
GetACP
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
GetTempFileNameW
GetLongPathNameW
MoveFileW
CloseHandle
GetWindowsDirectoryW
GetFullPathNameW
GetVersionExW
ExpandEnvironmentStringsW
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
InitializeCriticalSection
LoadLibraryA
HeapReAlloc
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
DeleteCriticalSection
GetModuleFileNameW
GetTempPathW
WaitForMultipleObjects
CreateEventW
SetEvent
ResetEvent
lstrlenW
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
ExitProcess
HeapSize
SetLastError
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetSystemTimeAsFileTime
ExitThread
CreateThread
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree

user32

GetActiveWindow
LoadStringW
GetDesktopWindow
ScreenToClient
ShowWindow
GetMessageW
IsDialogMessageW
PostQuitMessage
IsWindowVisible
LoadIconW
EnableWindow
CreateDialogParamW
DispatchMessageW
SetTimer
DestroyIcon
SendMessageW
IsWindow
MessageBoxW
SetWindowPos
GetWindowRect
GetSystemMetrics
PostMessageW
DialogBoxParamW
EndDialog
GetWindowTextW
SetWindowTextW
GetDlgItem
KillTimer
TranslateMessage

gdi32

CreateSolidBrush
DeleteObject

advapi32

RegCloseKey
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitialize
CoInitializeEx

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

889fbee40ab5c3991ffd20511038ed7c

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

kernel32

user32

gdi32

advapi32

ole32

Sections

.text Size: 268KB - Virtual size: 268KB

.rdata Size: 67KB - Virtual size: 67KB

.data Size: 16KB - Virtual size: 41KB

.rsrc Size: 67KB - Virtual size: 66KB

.text
Size: 268KB - Virtual size: 268KB

.rdata
Size: 67KB - Virtual size: 67KB

.data
Size: 16KB - Virtual size: 41KB

.rsrc
Size: 67KB - Virtual size: 66KB