26ce1716810ec67ee7398337b6258935_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26ce1716810ec67ee7398337b6258935_JaffaCakes118
Size

487KB
MD5

26ce1716810ec67ee7398337b6258935
SHA1

7a80286297d7ce238d587bc76b8872f3f5441550
SHA256

6fc5f6b098a2aa55e88efce133c9753e988d316e7feebf384c6ba3d207e22478
SHA512

7bf9fcba7cf7ec8bc7ed438dc86ad113ab2d41fc0e5c069098016199720154e900859afea70b0017d711300e9219c0a2ea91c1607488bef44384ee4572681905
SSDEEP

12288:s1O2UacJ3ayAoY2nAzgY3yCjSfPhxBqbApCfMb5BoF9:s1alJ3anHSADiXfZ2dErG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ce1716810ec67ee7398337b6258935_JaffaCakes118

Files

26ce1716810ec67ee7398337b6258935_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ded75212b00a2becaa8daf17c8a044c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitMUILanguage
CreateStatusWindow
ImageList_Replace
CreateToolbarEx
InitCommonControlsEx
ImageList_AddMasked
ImageList_GetFlags
ImageList_SetDragCursorImage

gdi32

DrawEscape
SetICMMode
GetColorSpace
GetObjectW
GetClipRgn
CloseFigure
SetPolyFillMode
CheckColorsInGamut
GetOutlineTextMetricsA
GetGlyphOutlineA
RectVisible
GetCharWidthW
GetMetaFileA

comdlg32

ChooseColorW
GetSaveFileNameW
ReplaceTextA

shell32

ShellExecuteExA

user32

MessageBoxA
GetClassNameA
RegisterClassA
DefWindowProcA
RegisterClassExA
ShowWindow
CreateWindowExW
DestroyWindow

wininet

FtpDeleteFileA
InternetDialA
FindFirstUrlCacheEntryExA
InternetFindNextFileW
InternetSecurityProtocolToStringA

kernel32

MultiByteToWideChar
LCMapStringA
VirtualAlloc
SetHandleCount
CloseHandle
GetSystemTimeAsFileTime
GetLastError
GetCommandLineW
SetFilePointer
GetStringTypeA
GetVersion
GetStartupInfoA
CommConfigDialogA
LeaveCriticalSection
QueryPerformanceCounter
GetModuleFileNameA
HeapDestroy
GetEnvironmentStringsW
CompareStringA
WriteFile
InterlockedIncrement
InitializeCriticalSection
SetStdHandle
OpenMutexA
TlsGetValue
InterlockedDecrement
ReadFile
TlsSetValue
GetLocalTime
GetEnvironmentStrings
HeapFree
GetCPInfo
HeapReAlloc
GetFileType
GetModuleFileNameW
GetVolumeInformationW
GetCurrentThreadId
GetSystemTime
HeapCreate
FreeEnvironmentStringsW
GetModuleHandleA
UnhandledExceptionFilter
GetStringTypeW
ExitProcess
LCMapStringW
SetEnvironmentVariableA
GetCurrentThread
GetCommandLineA
lstrcpy
TerminateProcess
FlushFileBuffers
VirtualFree
GetStdHandle
HeapAlloc
CreateMutexW
GetAtomNameA
InterlockedExchange
EnterCriticalSection
CreateSemaphoreA
GetCurrentProcess
GetCurrentProcessId
SetLastError
GetProcAddress
WideCharToMultiByte
GetTickCount
IsBadWritePtr
FreeEnvironmentStringsA
CompareStringW
LoadLibraryA
GetTimeZoneInformation
CreateMutexA
TlsAlloc
VirtualQuery
RtlUnwind
DeleteCriticalSection
GetStartupInfoW
TlsFree

Sections

.text
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ded75212b00a2becaa8daf17c8a044c4

Headers

File Characteristics

Imports

comctl32

gdi32

comdlg32

shell32

user32

wininet

kernel32

Sections

.text Size: 303KB - Virtual size: 302KB

.rdata Size: 55KB - Virtual size: 76KB

.data Size: 101KB - Virtual size: 100KB

.rsrc Size: 27KB - Virtual size: 26KB

.text
Size: 303KB - Virtual size: 302KB

.rdata
Size: 55KB - Virtual size: 76KB

.data
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 27KB - Virtual size: 26KB