26b3041936978757f7cd6aca7f6b955c_JaffaCakes118

General

Target

26b3041936978757f7cd6aca7f6b955c_JaffaCakes118
Size

40KB
MD5

26b3041936978757f7cd6aca7f6b955c
SHA1

594b574b6f2ad45f12b5155731b92ff2094ade39
SHA256

85287bffb089fc87642d34e1710379caa077f4dd7c04e494868b6df2e52368b6
SHA512

7f8ac44ffa3386c14915a68b8071cddd537358b7f3724e10913aafd605549ddde25a8e925a44f4c2a31cc33839e4a4104e39005f87647aa9e2c847d42575328c
SSDEEP

768:tywdnFHCEiabxFPP8bC1LMEwZyEdZGaFqGa2kicPIDoF:TntBoClMEwZpXrFqOkifoF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26b3041936978757f7cd6aca7f6b955c_JaffaCakes118

Files

26b3041936978757f7cd6aca7f6b955c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

454f691c9f45b25de22b1b392b17061a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
CreateThread
TerminateProcess
GetCurrentProcess
GetLastError
CreateMutexA
CreateProcessA
CopyFileA
GetWindowsDirectoryA
GetModuleFileNameA
SetFileAttributesA
CreateDirectoryA
Sleep
GetLocalTime
CompareStringW
CompareStringA
FlushFileBuffers
SetEndOfFile
SetStdHandle
LoadLibraryA
GetProcAddress
SetFilePointer
LCMapStringW
LCMapStringA
GetFileSize
CreateFileA
ReadFile
WriteFile
CloseHandle
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
RtlUnwind
GetFileType
GetStdHandle
HeapFree
HeapAlloc
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
GetSystemTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFullPathNameA

user32

TranslateMessage
CreateWindowExA
RegisterClassA
DispatchMessageA
GetMessageA
TranslateAcceleratorA
DefWindowProcA
LoadCursorA
LoadIconA

gdi32

GetStockObject

advapi32

RegSetValueExA
RegCreateKeyA

shell32

ShellExecuteA

wininet

InternetQueryDataAvailable
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
InternetReadFile

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

454f691c9f45b25de22b1b392b17061a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

wininet

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 9KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 9KB