26912e97501f19d874dadd6423f54ea4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26912e97501f19d874dadd6423f54ea4_JaffaCakes118
Size

320KB
MD5

26912e97501f19d874dadd6423f54ea4
SHA1

6428c2874251d8cfa8988def38c9a5a952b63126
SHA256

59ab7a09cfe801a99d18301993de28cfc20f34169b9f2c3a283ce78ce8577b2a
SHA512

c8a173c5e3fbe6cfe7b9358f2de91f84db7b7ef14d61014c1d241b188510f6c5566fe491366bf5d4c58cec9956bce1cb17079f90c8e56f7b53ee8e7e0056eebe
SSDEEP

6144:C8/B0qxAVLH/583lt+QjbCNjvjbFFduKUMZiJFbR3W3gFAPDJU1hp0xB:CfKGLH/QnHQFde8GV3W3Xu1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26912e97501f19d874dadd6423f54ea4_JaffaCakes118

Files

26912e97501f19d874dadd6423f54ea4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

67880aa2fe2f9d86ff805573f0ddf649

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
GetShortPathNameW
GlobalReAlloc
SetCurrentDirectoryA
EnumSystemCodePagesA
GlobalFlags
SetProcessWorkingSetSize
GetPrivateProfileSectionW
MultiByteToWideChar
ReleaseSemaphore
GetProcessTimes
GetCompressedFileSizeW
VirtualLock
QueryDosDeviceW
GetCommState
GetTimeZoneInformation
_hread
GetVersionExA
SetConsoleMode
SizeofResource
OpenMutexA
CancelIo
GetEnvironmentStringsW
ExitProcess
CreateDirectoryW
VirtualProtect
GetCommandLineA
WriteConsoleOutputW

user32

ChildWindowFromPoint
CreateWindowStationW
SetWindowRgn
GetKeyState
CreateDesktopW
GetSubMenu
GetTitleBarInfo
RemoveMenu
SendNotifyMessageA
IsCharAlphaNumericA
GetDlgCtrlID
GetMessagePos
SetCursor
BringWindowToTop
SetWindowWord
OpenWindowStationA

gdi32

SetDIBitsToDevice
ExcludeClipRect
CreateDCA
CreateFontA
GetCharacterPlacementA
SetBkColor
GetGlyphOutlineA
Pie
CreateHatchBrush

advapi32

CryptSetProvParam
RegEnumValueW
EnumServicesStatusW
CreateServiceW
RegSaveKeyA
LookupPrivilegeDisplayNameA
OpenEventLogW
ControlService
RegSaveKeyW
PrivilegeCheck
CloseServiceHandle
RegOpenKeyExA
CryptGenRandom
QueryServiceStatus
CryptGenKey
LogonUserA
QueryServiceConfigA

shell32

SHLoadInProc
SHAddToRecentDocs
DragQueryPoint
ExtractIconExW
DragAcceptFiles

ole32

StgCreateStorageEx

oleaut32

SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayPutElement
SysFreeString
SysAllocStringLen
QueryPathOfRegTypeLi
SetErrorInfo
VariantChangeType

comctl32

ImageList_EndDrag
ImageList_DrawIndirect

shlwapi

StrCmpNIA
AssocCreate
SHEnumValueW
PathGetDriveNumberA
SHSetValueW
StrPBrkW
PathCanonicalizeA
PathGetDriveNumberW
StrToIntExW
PathGetCharTypeW
StrStrIW

setupapi

SetupDiCreateDeviceInfoList
SetupDiGetClassDevsA

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

67880aa2fe2f9d86ff805573f0ddf649

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 16KB