29e95ca541a498f9ca3fb99abb4b7bb6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29e95ca541a498f9ca3fb99abb4b7bb6_JaffaCakes118
Size

57KB
MD5

29e95ca541a498f9ca3fb99abb4b7bb6
SHA1

dd5271174e263aec6a6b20994142d81363915c06
SHA256

0ed32f1fd8e9e0824783cdcdc8fcef5462c74cc4375df6c9737d2d8c9ee30ad2
SHA512

57d4fac791d947c712e833ead9dba6800db73617fa6814b2ab157df656bfe9e54ed1e24e360dfa00d72f9e9f3dada03d180d4cbc9279cd65f4f70584365858ae
SSDEEP

1536:/5NHjlzXcldKlvxsBF9zRQkTbaJStKscmqF:LheUl2BFlRQkTbaeKsNe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29e95ca541a498f9ca3fb99abb4b7bb6_JaffaCakes118

Files

29e95ca541a498f9ca3fb99abb4b7bb6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54233ebfe1d4389125fb820367f71377

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
GetSecurityDescriptorControl
LockServiceDatabase
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueA
UnlockServiceDatabase

kernel32

CloseHandle
CompareStringA
CreateDirectoryA
CreateEventA
CreateProcessA
CreateToolhelp32Snapshot
DeleteFileA
DeviceIoControl
ExitProcess
FileTimeToLocalFileTime
FindResourceA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetACP
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileAttributesA
GetFileType
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileStructA
GetProcessHeap
GetStdHandle
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadLocale
GetThreadTimes
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
GlobalLock
HeapCreate
HeapDestroy
HeapFree
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsValidCodePage
IsValidLocale
LoadLibraryA
LoadResource
MoveFileA
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ResumeThread
SearchPathA
SetCurrentDirectoryA
SetEvent
SetLastError
SetPriorityClass
SetThreadPriority
SizeofResource
SuspendThread
SystemTimeToFileTime
TerminateProcess
TlsFree
VirtualQuery
WideCharToMultiByte
WriteFile
lstrcmpA
lstrcmpiA
lstrlenA

user32

CharUpperA
CopyRect
CreatePopupMenu
DefWindowProcA
DestroyIcon
DispatchMessageA
DrawTextA
GetCursorPos
GetDesktopWindow
GetKeyState
GetMessageA
GetSystemMetrics
GetWindow
GetWindowLongA
GetWindowPlacement
GetWindowTextLengthA
LoadCursorA
MessageBoxA
MoveWindow
MsgWaitForMultipleObjects
ReleaseDC
SetCapture
SetCursor
SetDlgItemTextA
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateMessage
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

54233ebfe1d4389125fb820367f71377

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 21KB - Virtual size: 24KB

.CRT Size: 14KB - Virtual size: 24KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 21KB - Virtual size: 24KB

.CRT
Size: 14KB - Virtual size: 24KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 1024B - Virtual size: 4KB