29f5551e01fb64bd703fea6c5645d732_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

29f5551e01fb64bd703fea6c5645d732_JaffaCakes118
Size

82KB
MD5

29f5551e01fb64bd703fea6c5645d732
SHA1

53eee2adf6b597275f1d20d41314964a6341b7d9
SHA256

aaed95f2d7a299c32b053e20f3d9f1ee4d39336fae8ee7bee31f35c57a77d984
SHA512

d93bc139764a896f58ce381f6d8020c6f00d91d657d5ad6a7f8cf61e9fd88ca255b25150d6a6e5cfbe12b67be365385e57cf86b48d762e1b499189fb84b01f4d
SSDEEP

1536:9PzXK5oqeZ2WZi4f8RGH1K6Bs7QaG6UIFFT5of+3TQiVF:9P7KyqEi4fpHIKhCT53VF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f5551e01fb64bd703fea6c5645d732_JaffaCakes118

Files

29f5551e01fb64bd703fea6c5645d732_JaffaCakes118
.exe windows:0 windows x86 arch:x86

1d2ffe1378fbbd6c9ffb839feadedc1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
CreateThread
GetProcessHeaps
GetMailslotInfo
GetAtomNameA
GetFileAttributesA
FindAtomW
GetModuleHandleW
BeginUpdateResourceW
GetTimeFormatW
VirtualAlloc
FatalAppExitW
TlsAlloc
DisconnectNamedPipe
FreeEnvironmentStringsW
GetModuleFileNameA
FlushFileBuffers
WaitForMultipleObjects
GetSystemInfo
GlobalFindAtomA
FreeResource
SetCalendarInfoW
IsBadWritePtr
GetProcessId
lstrcmpiA
lstrcatW
lstrlen
GetThreadLocale
ExitThread
GetStartupInfoA
DuplicateHandle
WaitForSingleObject
FindResourceW
lstrcmpW
FreeLibrary
GetModuleFileNameW
GetUserDefaultLCID
CreateFileW
ReplaceFileA
GetTempPathW

user32

SetWindowTextA
GetMenuState
GetMenu
CreateMenu
InsertMenuItemA
GetDC
LoadCursorA
GetKeyboardType
LoadCursorW
GetWindowTextA
TrackPopupMenuEx
EnumWindows
CheckDlgButton
CopyRect
CascadeWindows
CreateDialogParamW
FindWindowA
DialogBoxParamA
WinHelpW
CreateMenu
AppendMenuA
IsWindowEnabled
PeekMessageA
GetMessageA
CreateDialogIndirectParamW
GetMenuItemID
LoadMenuIndirectW
MessageBoxA
SetCursor
CreateWindowExA
GetActiveWindow
CharLowerA
wsprintfA
RegisterWindowMessageA
FrameRect

gdi32

CreateColorSpaceW
GetCharWidthA
EnumFontFamiliesW
SetBrushOrgEx
DeleteColorSpace
DeleteObject
GetCharacterPlacementW
ResizePalette
SetDIBColorTable
CreateBrushIndirect
Polygon
CreatePolyPolygonRgn
ExtCreateRegion
SetWorldTransform
GetEnhMetaFileHeader
UpdateICMRegKeyA
CreateDCW

advapi32

RegEnumKeyExW
RegCreateKeyW
RegEnumValueW

shell32

StrNCmpIA
StrRStrIW

shlwapi

SHCreateThread
PathAddBackslashW
StrChrNW

ole32

CoDisconnectObject

oleaut32

VarUI1FromDec
VarDateFromDisp

version

VerQueryValueA

ws2_32

WSADuplicateSocketW
WSAIoctl
getprotobynumber
recv
htons
WSAEnumProtocolsW

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.32B9O7
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.83Hp
Size: 4KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d2ffe1378fbbd6c9ffb839feadedc1a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

ole32

oleaut32

version

ws2_32

Sections

.text Size: 7KB - Virtual size: 6KB

.32B9O7 Size: - Virtual size: 6KB

.rdata Size: 3KB - Virtual size: 3KB

.reloc Size: - Virtual size: 9KB

.83Hp Size: 4KB - Virtual size: 84KB

.rsrc Size: 98KB - Virtual size: 98KB

.text
Size: 7KB - Virtual size: 6KB

.32B9O7
Size: - Virtual size: 6KB

.rdata
Size: 3KB - Virtual size: 3KB

.reloc
Size: - Virtual size: 9KB

.83Hp
Size: 4KB - Virtual size: 84KB

.rsrc
Size: 98KB - Virtual size: 98KB