Static task: static1
Behavioral task: behavioral1
Sample: 26983eec770d46b7f7974ca00e6dff15_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 26983eec770d46b7f7974ca00e6dff15_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 26983eec770d46b7f7974ca00e6dff15_JaffaCakes118
Size: 492KB
MD5: 26983eec770d46b7f7974ca00e6dff15
SHA1: e8ecd6757a6fefcc1052dfe245d79a1db26b14b5
SHA256: ae70eb02302a3cd3d1ae823ba845b6c7bef9378bf0bbdea6cfb0033ed3e6fc8f
SHA512: 5da5f3edcfff5a80c55a23dd5716347a459f63a7e553bfd2f0a78882109a94883071148e660ef6410ed7348ab0c0843ede46634ffe945ceb169c7e97a7c65560
SSDEEP: 12288:Pl33rwDqwlJdbE5ZQzA/zGqDRdTSNDKRrfMyK7+n8GGO:Pl37wDqKdbEsM/zGqDboKpfMyKqn8G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 26983eec770d46b7f7974ca00e6dff15_JaffaCakes118
Files
26983eec770d46b7f7974ca00e6dff15_JaffaCakes118.exe windows:4 windows x86 arch:x86
ba3c4fb63494be0ed1dc40a9b00fd249
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
MoveFileExA
CopyFileA
GetDiskFreeSpaceExA
WinExec
WaitForSingleObject
CreateProcessA
CreateEventA
OpenMutexA
GetVolumeInformationA
GetSystemDirectoryA
GetWindowsDirectoryA
GetProcessHeap
FreeLibrary
GetProcAddress
LoadLibraryA
SetSystemTime
GetSystemTime
MultiByteToWideChar
OpenFileMappingA
InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetCommandLineA
LockResource
LoadResource
SizeofResource
FindResourceA
GetShortPathNameA
CreateFileA
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
CreateToolhelp32Snapshot
GetModuleHandleA
lstrlenA
GetModuleFileNameA
lstrlenW
WideCharToMultiByte
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
GetSystemTimeAsFileTime
GetCurrentDirectoryA
ReadFile
DeviceIoControl
GetFullPathNameA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
SetFilePointer
WriteFile
GetVersionExA
LocalFree
Process32First
GetPrivateProfileSectionA
SetEndOfFile
OpenProcess
CloseHandle
Process32Next
RaiseException
DeleteCriticalSection
InitializeCriticalSection
FindFirstFileA
SetFileAttributesA
DeleteFileA
FindNextFileA
GetLastError
FindClose
GetEnvironmentVariableA
CreateFileMappingA
GetTempPathA
SetEnvironmentVariableA
CompareStringW
CompareStringA
InterlockedDecrement
CreateDirectoryA
GetFileAttributesA
ExitProcess
RtlUnwind
HeapFree
MoveFileA
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapAlloc
HeapReAlloc
GetStartupInfoA
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
GetOEMCP
GetCPInfo
SetUnhandledExceptionFilter
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
GetTimeZoneInformation
FlushFileBuffers
user32
CharNextA
DestroyWindow
DefWindowProcA
advapi32
RegDeleteKeyA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegSetValueA
RegNotifyChangeKeyValue
RegSetKeySecurity
GetUserNameA
CreateProcessAsUserA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenProcessToken
ole32
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoInitialize
oleaut32
VarUI4FromStr
SysAllocString
VariantClear
comctl32
InitCommonControlsEx
gdi32
SelectObject
GetTextExtentPoint32A
shell32
SHGetFolderPathA
Sections
.text Size: 172KB - Virtual size: 169KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 288KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ