26b28f918a229ea467e4a768c8ecdb16_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26b28f918a229ea467e4a768c8ecdb16_JaffaCakes118
Size

203KB
MD5

26b28f918a229ea467e4a768c8ecdb16
SHA1

3ea62b2cf8e5506b759d3f500160a84b99bfd732
SHA256

117f22884bb130e2ff7ca1389d4c1e208c6054db353d5a3348f837da1f80499a
SHA512

a72517824af3006d3db6347b7a806d9bbf1bef9b88247d3d28a63655d2992ae8b242872f02405ae88efccf254fbf4716db1295d1421b63e70fae9ddf8aafb63c
SSDEEP

3072:qkEVV2akVeCq+jTG+gKF66PQGWjWc7unJLrTKzsJt4ofNlPgw0L2+SC9a9o:HEVVPx+jTG+Np67uguNf/PfiDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26b28f918a229ea467e4a768c8ecdb16_JaffaCakes118

Files

26b28f918a229ea467e4a768c8ecdb16_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e13e40bbe88a0b0f403e1860e4c9a9ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileW
GetShortPathNameW
CompareFileTime
GetLongPathNameA
GetAtomNameA
GlobalAlloc
SleepEx
SetCalendarInfoW
GetModuleHandleA
GetTempPathA
FatalAppExitA
GetDiskFreeSpaceA
GetProcAddress
GetSystemDirectoryW
LocalAlloc
lstrcpy
GetThreadLocale
RemoveDirectoryW
GetShortPathNameA
MulDiv
GetEnvironmentStringsA
lstrlenW
GetCurrentThread
GetVolumeInformationW
OpenMutexW
FindResourceA
Sleep
CreateFileMappingA
CreateFileA
GetSystemInfo
GetSystemDefaultLCID
lstrcpyA
GlobalFindAtomA
GetFileSize
GetCalendarInfoW
GetDateFormatA
lstrcmpA
lstrcpyW
AddAtomA
GetVolumeInformationA
GetAtomNameW
CreatePipe
GetOEMCP
OpenWaitableTimerA
GetCommandLineW
ExitThread
BeginUpdateResourceA
FileTimeToDosDateTime
EndUpdateResourceA
GetExitCodeThread
GetEnvironmentStringsW
GetProcessHeaps
DosDateTimeToFileTime
GetSystemTime
InitializeCriticalSection

user32

IsDlgButtonChecked
LoadImageW
ShowCursor
CreateWindowExA
UnregisterClassA
LoadIconW
SetMenu
WaitMessage
GetDC
SetDlgItemTextW
EnumClipboardFormats
GetMenuItemCount
ActivateKeyboardLayout
UpdateLayeredWindow
LoadMenuIndirectA
GetAsyncKeyState
CheckMenuRadioItem
GetSystemMetrics
GetWindowTextLengthA
LoadCursorW
CheckRadioButton
DefDlgProcW
InsertMenuItemW
MonitorFromRect
AdjustWindowRect
GetDlgItem
BringWindowToTop
SendMessageW
DestroyIcon
SendDlgItemMessageW
EnumWindows
LoadCursorA
RegisterWindowMessageA
GetDC
CharNextW
mouse_event
GetDlgItemTextW
MessageBeep
MonitorFromPoint
IsMenu
AppendMenuA
ArrangeIconicWindows

gdi32

SelectBrushLocal
CreatePen
GetTextColor
RemoveFontResourceW
SetTextJustification
SetBitmapBits
GetCharABCWidthsFloatW
ExtEscape
GetOutlineTextMetricsA
OffsetClipRgn
TranslateCharsetInfo
ExtTextOutA
CreateFontW

advapi32

RegOpenKeyExA
RegRestoreKeyA
RegEnumValueW
RegSaveKeyA
RegCreateKeyW
RegCloseKey
RegQueryInfoKeyA

oleaut32

VarR4FromI2
VarR4FromCy
VarCyNeg
SetErrorInfo
VarUI8FromI2
VarDecAdd

wininet

FtpCreateDirectoryA
FindCloseUrlCache
GetUrlCacheEntryInfoExW
InternetWriteFileExA
InternetGetCertByURL
FtpGetFileEx
InternetHangUp
InternetGetPerSiteCookieDecisionA
InternetSetDialStateW

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Qkycn
Size: 2KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Kkrub
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rfCWI
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.jBQZC
Size: 4KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RQNT
Size: 1024B - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Xkdy
Size: 2KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NNa
Size: 1024B - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.J
Size: 2KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e13e40bbe88a0b0f403e1860e4c9a9ff

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

oleaut32

wininet

Sections

.text Size: 12KB - Virtual size: 11KB

.Qkycn Size: 2KB - Virtual size: 40KB

.Kkrub Size: 1KB - Virtual size: 32KB

.rfCWI Size: 1KB - Virtual size: 16KB

.jBQZC Size: 4KB - Virtual size: 50KB

.RQNT Size: 1024B - Virtual size: 42KB

.Xkdy Size: 2KB - Virtual size: 36KB

.data Size: 11KB - Virtual size: 11KB

.NNa Size: 1024B - Virtual size: 29KB

.J Size: 2KB - Virtual size: 86KB

.rsrc Size: 162KB - Virtual size: 162KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.Qkycn
Size: 2KB - Virtual size: 40KB

.Kkrub
Size: 1KB - Virtual size: 32KB

.rfCWI
Size: 1KB - Virtual size: 16KB

.jBQZC
Size: 4KB - Virtual size: 50KB

.RQNT
Size: 1024B - Virtual size: 42KB

.Xkdy
Size: 2KB - Virtual size: 36KB

.data
Size: 11KB - Virtual size: 11KB

.NNa
Size: 1024B - Virtual size: 29KB

.J
Size: 2KB - Virtual size: 86KB

.rsrc
Size: 162KB - Virtual size: 162KB

.reloc
Size: 1KB - Virtual size: 1KB