29e0ee38fa745d69b9128d36a0c46051_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29e0ee38fa745d69b9128d36a0c46051_JaffaCakes118
Size

184KB
MD5

29e0ee38fa745d69b9128d36a0c46051
SHA1

1cec47aca4052ddc31f6f094cb087da5be5ff79e
SHA256

d547c26185394b585e0cc2dc5d023128d1bb706dd20ac072f834d6566f6d5bc7
SHA512

2b298cecfbf49c67b7b9a52fc9e5e5fb055ea38fce738687bef2d7d20697d9f5277b5ee431a12bdcf6e0e282a174927e7778ee4b840d2c4f189592ede3ebed02
SSDEEP

3072:oVCDON2oZiMltb75OvPkI8+lr8D4B4exbYHzW1wWqm9OMVnvFgvLVLGrBE5iz0Wi:oIc2oZiMltwva+S1zUOcFmVKrqWHi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e0ee38fa745d69b9128d36a0c46051_JaffaCakes118

Files

29e0ee38fa745d69b9128d36a0c46051_JaffaCakes118
.exe windows:3 windows x86 arch:x86

fcee679a85ae2e15a18162d946c33380

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
InterlockedExchange
Sleep
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
SetLastError
VirtualAllocEx
LoadLibraryA

user32

CreateWindowExA
PostMessageA
IMPGetIMEW
RegisterClassW
SetSystemMenu
SetWindowWord
DrawCaption
InitializeLpkHooks
GetClipCursor
TranslateMessage
CreateDesktopW
SetFocus
ChangeClipboardChain
IntersectRect
CharToOemW
DlgDirSelectComboBoxExW
FrameRect
DefWindowProcA
AdjustWindowRectEx
GetMessageW
SetWindowLongA
TabbedTextOutW
IMPSetIMEW
GetGUIThreadInfo
GetDesktopWindow
EnumDisplayDevicesW
UpdateWindow
EndTask
GetCursorPos
IMPQueryIMEW
GetMonitorInfoA
GetPropW
GetWinStationInfo
SetScrollRange
UserLpkPSMTextOut
DestroyReasons
ReuseDDElParam
MessageBoxA
GetDC
EnumClipboardFormats
LoadIconW
SendDlgItemMessageA
UserRegisterWowHandlers
DdeQueryConvInfo
GetWindowModuleFileNameA
LoadIconA
UnionRect
DispatchMessageW
SetMenu
UnpackDDElParam
CloseClipboard
SetPropA
LoadImageA
CreateDesktopA
ShowOwnedPopups
DlgDirListComboBoxW
mouse_event
GetInputDesktop
BroadcastSystemMessageW
GetDlgItemInt
IsChild
DrawStateA
CascadeWindows
GetPropA
GetMessageExtraInfo
PackDDElParam
CopyRect
GetTopWindow
SetCaretBlinkTime
OemToCharBuffW
EnumWindowStationsA
DragDetect
GrayStringA

olesvr32

TerminateDocClients
SendDataMsg
DeleteClientInfo

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 154KB - Virtual size: 371KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcee679a85ae2e15a18162d946c33380

Headers

File Characteristics

Imports

kernel32

user32

olesvr32

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 5KB

.data Size: 154KB - Virtual size: 371KB

.bss Size: 8KB - Virtual size: 7KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 5KB

.data
Size: 154KB - Virtual size: 371KB

.bss
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 2KB - Virtual size: 2KB