29f1399c8352dff725a1f014a8be91af_JaffaCakes118

General

Target

29f1399c8352dff725a1f014a8be91af_JaffaCakes118
Size

107KB
MD5

29f1399c8352dff725a1f014a8be91af
SHA1

e13ac904eaa1010cb32aba65af346aff4a2c96d3
SHA256

b2594149a73a813d9bd4cd5b005ad1cd9ca2192e2fbb505b8f021cbb6e43e83b
SHA512

635312ec96f03b365d788cfd561acbb13211e48e45d4b4f38d5ff3a2bde1e181310328b945483585232d463c7cf03c4c09ab62e34ff4957f04acbeabd27a7967
SSDEEP

3072:DtO2o2AhjGwF6UJ+ONkFDICDW8hlG15UvBO2pS+UrXtU6iM:DtKhIj9hlG154wy866iM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f1399c8352dff725a1f014a8be91af_JaffaCakes118

Files

29f1399c8352dff725a1f014a8be91af_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d4d332fef752699445abde8b4a81bde7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

RpcBindingFromStringBindingA
RpcBindingSetAuthInfoA
NdrClientCall

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__initenv
_cexit
_XcptFilter
_exit
_c_exit
_rotl
_wcsnicmp
rand
_ultoa
_strnicmp
free
malloc
vfprintf
_except_handler3
wcscmp
_stricmp
strrchr
tolower
atoi
time
srand
strtoul
sprintf
_strupr
wcschr
strchr
wcsncmp
printf
exit
_iob
fprintf
fflush

kernel32

GetFullPathNameA
MultiByteToWideChar
DeleteFileA
GetDiskFreeSpaceW
GetDiskFreeSpaceA
WriteFile
InterlockedIncrement
InterlockedDecrement
CreateSemaphoreA
CreateEventA
WaitForMultipleObjects
SetThreadPriority
CreateThread
SetLastError
ReleaseSemaphore
GetProcAddress
ResetEvent
VirtualLock
VirtualAlloc
HeapAlloc
GetProcessHeap
FormatMessageA
ExitProcess
SetConsoleCtrlHandler
InitializeCriticalSection
VirtualFree
GetCurrentProcess
GetModuleHandleA
GetSystemInfo
GetProcessWorkingSetSize
GlobalMemoryStatus
SetProcessWorkingSetSize
EnterCriticalSection
LeaveCriticalSection
GetComputerNameA
SetFilePointer
SetEndOfFile
GetOverlappedResult
FindNextFileW
FindNextFileA
GetFileSize
ReadFile
GetFileTime
CloseHandle
GetTimeZoneInformation
SetFileApisToOEM
SetFileApisToANSI
SystemTimeToFileTime
GetSystemTime
SetErrorMode
GetVersionExA
lstrcatW
lstrcpyW
lstrlenW
GetFullPathNameW
GetLastError
FindClose
FindFirstFileA
FindFirstFileW
WaitForSingleObject
CreateFileA
CreateFileW
HeapFree
SetEvent
FileTimeToSystemTime
WideCharToMultiByte

Sections

.text
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d4d332fef752699445abde8b4a81bde7

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

msvcrt

kernel32

Sections

.text Size: 105KB - Virtual size: 105KB

.data Size: 1024B - Virtual size: 262KB

.text
Size: 105KB - Virtual size: 105KB

.data
Size: 1024B - Virtual size: 262KB