26f3743e6b04885aad831d477591498e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26f3743e6b04885aad831d477591498e_JaffaCakes118
Size

328KB
MD5

26f3743e6b04885aad831d477591498e
SHA1

408cc4cca98ab98f0c7e313f9dc13f509f20e9df
SHA256

5b38bd8e910fea2c516c8692c0448f278947d4f2b1faeddcc9eaf7b4c890d981
SHA512

bb2bcb164be61adbfc99934d45a52cdbd5cbfcf0b0e62f574679d8de103db6d7e77381363f32ce1885ea1851c68c22ada1b3c3a27644f910832838993451126d
SSDEEP

6144:LYp4zNdyu3d7kZmMJNT/iRWcndATaW8IfsMnJ4vp:Lnz3yskZ7nr2WU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f3743e6b04885aad831d477591498e_JaffaCakes118

Files

26f3743e6b04885aad831d477591498e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

294259b514aa6699b32369e4596af052

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
GetCommandLineA
ExitProcess
TerminateProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
VirtualProtect
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
HeapFree
HeapAlloc
RtlUnwind
SetErrorMode
SystemTimeToFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
CreateFileA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
DeleteFileA
MoveFileA
GetCurrentDirectoryA
GetOEMCP
GetCPInfo
InterlockedIncrement
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
GlobalFlags
DeleteCriticalSection
InitializeCriticalSection
RaiseException
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
InterlockedDecrement
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
CloseHandle
GetCurrentThread
lstrcmpA
GetModuleFileNameA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
MulDiv
GlobalAlloc
FormatMessageA
LocalFree
FreeResource
GetCurrentThreadId
GlobalFindAtomA
GlobalDeleteAtom
LoadLibraryA
FreeLibrary
lstrcatA
lstrcmpW
GetModuleHandleA
lstrcpynA
GlobalLock
GlobalUnlock
GlobalGetAtomNameA
GlobalAddAtomA
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleHandleW
GetCurrentProcess
LoadLibraryW
GetProcAddress
GetStringTypeExA
CompareStringW
CompareStringA
lstrlenA
lstrcmpiA
GetVersion
GetLastError
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetFileType
InterlockedExchange

user32

DestroyIcon
BeginPaint
GetWindowDC
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetMessageA
TranslateMessage
ShowOwnedPopups
PostQuitMessage
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
GetMenuStringA
InsertMenuA
SetParent
GetSystemMenu
AppendMenuA
DeleteMenu
IsRectEmpty
GetCursorPos
WindowFromPoint
KillTimer
SetTimer
ClientToScreen
SetRect
GetDC
ReleaseDC
IsZoomed
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
SetWindowTextA
IsDialogMessageA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
SetCapture
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
MessageBoxA
TrackPopupMenu
SetForegroundWindow
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
UnregisterClassA
DefWindowProcA
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetSystemMetrics
PtInRect
SetPropA
CharLowerA
CharUpperA
ShowWindow
EnableWindow
LoadBitmapA
FillRect
FrameRect
GetClientRect
InvalidateRect
ValidateRect
CallWindowProcA
RegisterWindowMessageA
wsprintfA
LoadMenuA
DestroyMenu
GetClassNameA
GetSysColor
SetWindowPos
WinHelpA
SetFocus
GetActiveWindow
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
LockWindowUpdate
GetDCEx
LoadCursorA
GetSysColorBrush
GetMenu
UnpackDDElParam
ReuseDDElParam
LoadIconA
SetCursor
PeekMessageA
GetCapture
ReleaseCapture
LoadAcceleratorsA
GetParent
SetActiveWindow
IsWindowVisible
GetMenuItemInfoA
InflateRect
GetTopWindow
EndPaint
SetWindowLongA
RegisterClassA
GetClassInfoA
TranslateAcceleratorA
SendMessageA
IsWindowEnabled
GetWindow
GetDesktopWindow
IsWindow
GetWindowLongA
SetMenu
PostMessageA
BringWindowToTop
GetLastActivePopup
CopyRect
SetRectEmpty
OffsetRect
IntersectRect
UpdateWindow
IsIconic
InsertMenuItemA
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreatePopupMenu

gdi32

CreatePatternBrush
GetStockObject
CreateRectRgnIndirect
PatBlt
SetRectRgn
CombineRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
CreateRectRgn
SelectClipRgn
CreateSolidBrush
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDeviceCaps
GetBkColor
CreateFontA
GetCharWidthA
DeleteObject
StretchDIBits
DeleteDC
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateBitmap
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleBitmap
BitBlt
CreateCompatibleDC
CreateFontIndirectA

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteValueA
RegSetValueA
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyA
RegQueryValueA
SetFileSecurityA
GetFileSecurityA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
RegSetValueExA

shell32

DragQueryFileA
ExtractIconA
SHGetFileInfoA
DragFinish

comctl32

ImageList_Draw
ImageList_GetImageInfo
ord17
ImageList_Destroy

shlwapi

PathFindFileNameA
PathStripToRootA
PathFindExtensionA
PathIsUNCA

oleaut32

VariantClear
VariantChangeType
VariantInit
SysAllocStringLen

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

294259b514aa6699b32369e4596af052

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 176KB - Virtual size: 173KB

.rdata Size: 48KB - Virtual size: 45KB

.data Size: 76KB - Virtual size: 87KB

.rsrc Size: 24KB - Virtual size: 22KB

.text
Size: 176KB - Virtual size: 173KB

.rdata
Size: 48KB - Virtual size: 45KB

.data
Size: 76KB - Virtual size: 87KB

.rsrc
Size: 24KB - Virtual size: 22KB