29e43ef08e3dad6cbe3f82a26ae88deb_JaffaCakes118

General

Target

29e43ef08e3dad6cbe3f82a26ae88deb_JaffaCakes118
Size

53KB
MD5

29e43ef08e3dad6cbe3f82a26ae88deb
SHA1

edce750e0974c4629a1ff0fb5a60c088caa17e57
SHA256

e7bc1a72088478a9ca97c71f8ac76cd57c0abefd1b46e55a0cb495ef554d4434
SHA512

1c50c319eed905f88db38f416d8c18b7f98d584bcba3f1010f2662f09d684d1016dcd36928276207c1a60843ed97e9bb9700670168f228d1492c74967af83e5a
SSDEEP

1536:/adAOqkflsWeSD1g0PHMjkzBqXhTcdaFxSO:/adtqsluSW2MwzBKhTcdaF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e43ef08e3dad6cbe3f82a26ae88deb_JaffaCakes118

Files

29e43ef08e3dad6cbe3f82a26ae88deb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

bba8d110985af89a6ba002c54b09268a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetCommandLineA
GetLastError
lstrcatA
GetFileType
lstrcmpiA
CloseHandle
GetDateFormatA
lstrlenA
lstrcpyA
WideCharToMultiByte
DeleteFileA
lstrcpynA
GlobalAlloc
GetStringTypeA
GlobalFree
HeapAlloc
GetFileSize
GetStringTypeW

user32

CloseWindow
EndDialog
CreateIcon
BlockInput
DrawTextW
CopyRect
CopyIcon
AppendMenuW
GetWindowTextA
DrawIcon
DrawTextA
GetMenu
IsWindow
LoadMenuA
IsMenu
AppendMenuA
AlignRects
EndDialog
DrawIconEx
DrawTextW
BlockInput
AppendMenuA
LoadCursorA
LoadMenuA
AlignRects
DialogBoxParamW
CopyIcon
DrawTextA
GetDlgItem
CloseWindow
CreateIcon
DrawIcon
CopyRect
IsWindow
DialogBoxParamA
GetMenu

comctl32

ImageList_Create
ImageList_DragEnter
ImageList_Read
ImageList_DragShowNolock
ImageList_Merge
ImageList_GetIconSize
ImageList_LoadImageA
ImageList_GetImageInfo
ImageList_GetImageCount
InitCommonControls
ImageList_Copy
ImageList_DrawIndirect
ImageList_BeginDrag
ImageList_EndDrag
ImageList_Destroy
ImageList_DragLeave
ImageList_GetIcon
ImageList_DrawEx

advapi32

RegDeleteKeyW
RegOpenKeyExA
RegEnumKeyW
RegReplaceKeyA
RegEnumValueA
RegQueryValueW
RegCreateKeyExW
RegQueryInfoKeyA
RegEnumKeyExW
RegDeleteKeyA
RegEnumKeyA
RegFlushKey
RegOpenKeyA
RegLoadKeyW
RegDeleteValueW
RegDeleteValueA
RegQueryValueExW
RegQueryValueExA

Sections

.DEZQB
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kcRt
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xwrhgL
Size: 512B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.XsyemP
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bba8d110985af89a6ba002c54b09268a

Headers

File Characteristics

Imports

kernel32

user32

comctl32

advapi32

Sections

.DEZQB Size: 10KB - Virtual size: 9KB

.kcRt Size: 36KB - Virtual size: 36KB

.xwrhgL Size: 512B - Virtual size: 26KB

.XsyemP Size: 2KB - Virtual size: 2KB

.DEZQB
Size: 10KB - Virtual size: 9KB

.kcRt
Size: 36KB - Virtual size: 36KB

.xwrhgL
Size: 512B - Virtual size: 26KB

.XsyemP
Size: 2KB - Virtual size: 2KB