29d4130567714dd6aa5c65c5b0942495_JaffaCakes118 | Triage

Sharing

General

Target

29d4130567714dd6aa5c65c5b0942495_JaffaCakes118
Size

299KB
MD5

29d4130567714dd6aa5c65c5b0942495
SHA1

f6ec86038565f5b2e5a030c60065c2c2673a232a
SHA256

e6d555d579e600a32606d61dc25cc71971969fdfafc6252770cf246c57342357
SHA512

5cc3dc0d5422a0f939b884ea1a30ffacaf518a4626fd2506bddce713db97ab1573f7582a69f5b284c87de218ae4fdaa524a86bacd0b1e492e7ece05daa3b6bc5
SSDEEP

6144:EoOFpCn5XEXCMOhZ5epiUsQCA5tklMEEqU427Ne5j9tbEy:EXYX2iRwsQ7AMEEXPE5j9tbEy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29d4130567714dd6aa5c65c5b0942495_JaffaCakes118

Files

29d4130567714dd6aa5c65c5b0942495_JaffaCakes118
.exe windows:4 windows x86 arch:x86

150e485b3de080339aa29df2d536ff6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
GetPrivateProfileStructW
ResumeThread
SetLastError
CloseHandle
ResetEvent
GetDriveTypeA
CreateFileA
FindAtomA
HeapCreate
LoadLibraryA
GetDiskFreeSpaceA
CreateThread
GetComputerNameA
LocalFree
GetFileAttributesA
GetSystemTime
GetCommandLineW
GetModuleHandleA

advapi32

GetFileSecurityA
RegEnumKeyExA
IsTokenUntrusted
GetLengthSid
RegEnumValueA
CloseEventLog
RegCloseKey
RegQueryValueA
GetUserNameA
CreateServiceA
RegDeleteKeyA
FreeSid
RegCreateKeyExA

ntshrui

GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
IsPathSharedA
IsPathSharedW
IsFolderPrivateForUser

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 292KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ