26c8529eaae6bfd725549691a8237f7f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26c8529eaae6bfd725549691a8237f7f_JaffaCakes118
Size

316KB
MD5

26c8529eaae6bfd725549691a8237f7f
SHA1

222898adecd565166a5b0f00360377f4ce25ca7b
SHA256

81d5c673f170122923b9486d01939e1f25904f3b395d976ea9a9d30a23a42a05
SHA512

a4693f27d3125433bba3b1130d6aa00595e95078e33a09fdd1f253ec785288d694b4c4fb0f40b58801ca33494ca37f8f61adc65b6c6fd6489dfafc7ae220dd17
SSDEEP

6144:3Llq1SsSL9Pj0YSZW1NNb2pLwoG5O9w/5u74C9:3YSsSRA1ENNapEZOSM74C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26c8529eaae6bfd725549691a8237f7f_JaffaCakes118

Files

26c8529eaae6bfd725549691a8237f7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c2e0a593c0b0c2e78728006091eda043

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsW
LoadLibraryExW
LocalLock
SetThreadPriorityBoost
GetProfileIntA
HeapValidate
OpenMutexA
SetVolumeLabelA
WaitNamedPipeW
SetStdHandle
OutputDebugStringA
PostQueuedCompletionStatus
CallNamedPipeA
SetCommMask
FreeResource
GetProfileStringW
SetCommState
GlobalMemoryStatus
FindNextFileW
FindNextFileA
SetCurrentDirectoryA
GlobalFree
lstrcmpiA
GlobalAddAtomW
GlobalGetAtomNameW
GetNumberOfConsoleInputEvents
GetVolumeInformationA
SetConsoleCtrlHandler
GetTempPathW
GetCurrentThread
FormatMessageA
MoveFileW
GetStartupInfoW
GetProfileStringA
SetProcessWorkingSetSize
CreateRemoteThread
MapViewOfFile
GetPrivateProfileStringW
FoldStringW
GetNamedPipeInfo
WriteProcessMemory
HeapReAlloc
InterlockedDecrement
lstrcpyA
PeekNamedPipe
GetFileAttributesExW
EscapeCommFunction
GetProcessHeap
OpenFileMappingW
GetBinaryTypeW
SwitchToFiber
SetFileAttributesA
GetVersionExA
FindAtomW
SetConsoleMode
FindFirstChangeNotificationA
GetCommModemStatus
ReadProcessMemory
GetPrivateProfileStringA
AllocConsole
SetErrorMode
MoveFileExA
SetVolumeLabelW
lstrcmpiW
_lcreat
InterlockedIncrement
GetModuleFileNameW
TlsSetValue
GetPrivateProfileStructA
GetCommandLineA
lstrlenA
VirtualProtect
_hread
ExitProcess

user32

GetWindowDC
AppendMenuW
DrawTextExA
GetTabbedTextExtentW
GetMenuStringA
DrawEdge
LoadCursorFromFileW
CreatePopupMenu
EnumDisplaySettingsExA
CreateDialogParamA
LoadCursorW
MonitorFromWindow
DestroyCursor
CharToOemW
InSendMessage
ScreenToClient
GetClassInfoExA
MapVirtualKeyA
MoveWindow
GetScrollBarInfo
LoadMenuIndirectA
GetDlgItemInt
VkKeyScanA
GetWindowLongW
GetWindowContextHelpId
LoadIconW
UnhookWindowsHook
CheckMenuRadioItem
GetClassInfoA
OemToCharA
GetDlgItemTextA
wsprintfA
KillTimer
SetWindowsHookExW
GetClipboardData
AdjustWindowRect
EqualRect
SystemParametersInfoA
SetScrollRange

gdi32

CreateMetaFileA
CreateFontW
SetWorldTransform
CreateRectRgn

comdlg32

PageSetupDlgA
PrintDlgA
ChooseColorW

advapi32

RegUnLoadKeyW
ReportEventA
OpenServiceA
CryptCreateHash
GetTokenInformation
StartServiceCtrlDispatcherW
LogonUserW
RegEnumValueA
RegDeleteValueW
RegEnumValueW
InitializeAcl

shell32

SHChangeNotify
SHAddToRecentDocs

ole32

OleSetContainedObject
IsAccelerator
OleDraw
OleQueryLinkFromData
WriteClassStg
GetRunningObjectTable
CoSuspendClassObjects

oleaut32

QueryPathOfRegTypeLi
SafeArrayAccessData
SetErrorInfo
LoadTypeLibEx
SafeArrayUnaccessData

comctl32

ImageList_GetIconSize
InitCommonControlsEx
ImageList_Replace

shlwapi

SHDeleteKeyA
StrCmpIW
SHRegGetBoolUSValueW
SHRegQueryUSValueW
PathCommonPrefixW
StrChrA
UrlCanonicalizeW
StrStrIA
StrCatBuffW
PathGetCharTypeA

setupapi

SetupDiDeleteDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupOpenAppendInfFileW
SetupOpenAppendInfFileA
SetupOpenLog
SetupGetBinaryField
SetupDiSetDeviceInstallParamsA
SetupDiRemoveDevice

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c2e0a593c0b0c2e78728006091eda043

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 20KB - Virtual size: 16KB