26978b4deea1e1b6c0c3e0dc0c93cd2a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26978b4deea1e1b6c0c3e0dc0c93cd2a_JaffaCakes118
Size

332KB
MD5

26978b4deea1e1b6c0c3e0dc0c93cd2a
SHA1

f50c63548e33045f26b72b8034346fc5546225ca
SHA256

28fbb1d8f816305feef3f6ec4dab288bd5d2f47e3a5c3e2894c5796eaf5e7843
SHA512

3c0db550581e26da68a48d0f99bb634f7c52151b6e12ffefaf0f0623693ac2bfc9b25fd7c7cb9b5b3883b6d4af31875180c4b6be1a23b6ba65ea63d8fedab8c4
SSDEEP

6144:Lx6U0KarFGy/khQxOr4lVFE0WhOnOfnaYXl9vZpTUy7eWztK0PmlFAb:LEKYkhQO4lUtOOfaYXTo6xK0PKe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26978b4deea1e1b6c0c3e0dc0c93cd2a_JaffaCakes118

Files

26978b4deea1e1b6c0c3e0dc0c93cd2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

972f6811cd6b466bf77443722b07c6b7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleOutputA
PeekNamedPipe
ReadConsoleInputW
SetConsoleMode
MultiByteToWideChar
LocalReAlloc
OpenSemaphoreW
SetVolumeLabelA
GetACP
SetConsoleActiveScreenBuffer
FreeLibrary
AllocConsole
GetTempPathW
GetLogicalDriveStringsA
WriteConsoleOutputCharacterA
GlobalAddAtomA
CloseHandle
SetEvent
GetTapeParameters
GetProfileStringA
GlobalGetAtomNameW
LocalFileTimeToFileTime
VirtualQueryEx
FindFirstFileExW
EnumDateFormatsW
PulseEvent
GenerateConsoleCtrlEvent
SystemTimeToFileTime
GetWindowsDirectoryA
GlobalFindAtomW
GetComputerNameW
EnumCalendarInfoA
DosDateTimeToFileTime
WriteProcessMemory
GetSystemTimeAsFileTime
CreateProcessA
GetFileType
VirtualAllocEx
CancelIo
ExpandEnvironmentStringsW
FindFirstFileW
lstrcmpiA
FlushConsoleInputBuffer
MoveFileW
UnhandledExceptionFilter
CompareStringW
ClearCommBreak
GetDiskFreeSpaceW
GetTapeStatus
_lread
WritePrivateProfileSectionW
GetConsoleCursorInfo
FreeLibraryAndExitThread
IsBadStringPtrA
FindCloseChangeNotification
SetConsoleTitleA
lstrcmpiW
FormatMessageA
SetConsoleWindowInfo
GetUserDefaultLCID
RemoveDirectoryA
SetProcessAffinityMask
EnumSystemCodePagesA
WritePrivateProfileStructA
VirtualProtect
UnmapViewOfFile
Beep
SetConsoleOutputCP
WriteFile
ScrollConsoleScreenBufferA
RemoveDirectoryW
GetShortPathNameW
GetVolumeInformationW
LoadLibraryExA
GetSystemInfo
GetPrivateProfileSectionW
GetBinaryTypeW
GetCurrentDirectoryW
GetCommModemStatus
EnumResourceLanguagesW
ReadDirectoryChangesW
GetStartupInfoA
GetPrivateProfileStringW
GetSystemTimeAdjustment
EraseTape
MoveFileExA
GetUserDefaultLangID
GlobalDeleteAtom
_llseek
AreFileApisANSI
GetLocaleInfoW
DuplicateHandle
CreateDirectoryW
GetConsoleMode
GetCommandLineA
GetVersionExA
lstrlenA
SetEnvironmentVariableW
ExitProcess

user32

AppendMenuW
DestroyIcon
ActivateKeyboardLayout
SetMenuDefaultItem
SetProcessWindowStation
EndMenu
SetWindowPos
GetThreadDesktop
GetActiveWindow
SetRectEmpty
TileWindows
GetDlgItemTextA
ValidateRect
FindWindowExA
KillTimer
CharNextA
GetClipboardFormatNameW

gdi32

GetPolyFillMode
StartDocW
SelectClipPath
CreateBitmap
CreateEllipticRgnIndirect
GetCharWidth32A
SetPaletteEntries
GetFontData
GetWindowExtEx

comdlg32

FindTextW
CommDlgExtendedError

advapi32

LookupAccountNameW
CryptGetUserKey
InitializeAcl
RegLoadKeyW
AddAccessDeniedAce
CreateServiceA
SetFileSecurityA
DuplicateToken
RegDeleteValueW
OpenSCManagerA
RegRestoreKeyA
CryptGetProvParam
ChangeServiceConfigW
RegEnumKeyA
GetSecurityDescriptorSacl
RegSetKeySecurity
RegSaveKeyW
QueryServiceConfigW
RegDeleteKeyA

shell32

ExtractIconA
ShellExecuteA

ole32

WriteClassStg
CoTreatAsClass
CoReleaseMarshalData
CoRegisterClassObject
CoCreateInstance

comctl32

ImageList_GetImageCount
ImageList_DrawEx
ImageList_GetImageInfo

shlwapi

StrChrW
SHEnumValueW
StrCatBuffA
StrCatBuffW
PathAppendA
SHCopyKeyW
StrChrA
StrCmpNIA

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

972f6811cd6b466bf77443722b07c6b7

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

comctl32

shlwapi

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 12KB - Virtual size: 8KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 12KB - Virtual size: 8KB