26ce274e8095abaa2790dfee5c34ab7b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26ce274e8095abaa2790dfee5c34ab7b_JaffaCakes118
Size

732KB
MD5

26ce274e8095abaa2790dfee5c34ab7b
SHA1

d02ba1d0e003f217a67c9b51590acfb767644b36
SHA256

64425a2046a7c5f693752204dd8e95b2fd646f8c00df7db250500921f6b4521c
SHA512

02ce6b2eaea0451744d77075808510c3c3eca5ad6c9103f3f062b74dacefa6c28f91b56289cff0b8bfdc33d39a8f7c4585ff7583cf2e8859b94877db888f343b
SSDEEP

12288:9ggmPqatbuEJxo6RphRNjy9JpgrrevaPlRiJTobY0TuJF+Q:agmPHbuEgyXRs9ofeis0U2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ce274e8095abaa2790dfee5c34ab7b_JaffaCakes118

Files

26ce274e8095abaa2790dfee5c34ab7b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e45d5dd482676d0b9fc5aa2b55f723c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

N:\UEWA

Imports

kernel32

GetDiskFreeSpaceExA
CompareStringW
RtlZeroMemory
IsBadWritePtr
FreeEnvironmentStringsA
GetCurrencyFormatA
GetEnvironmentStringsW
QueryPerformanceCounter
HeapDestroy
LoadResource
IsValidCodePage
CreateSemaphoreA
WriteProfileSectionW
ReadConsoleInputA
FlushFileBuffers
GetCommandLineA
TlsAlloc
UnhandledExceptionFilter
HeapCreate
lstrcmpiW
GetStartupInfoA
InterlockedExchange
GetCurrentThread
InterlockedDecrement
DebugBreak
TlsGetValue
VirtualLock
GetThreadPriority
SetEnvironmentVariableA
GetSystemTimeAsFileTime
CommConfigDialogA
GetDiskFreeSpaceExW
GetExitCodeProcess
GetCurrentProcessId
GetModuleFileNameA
PulseEvent
HeapFree
SetVolumeLabelW
ReadConsoleA
GetSystemTimeAdjustment
WideCharToMultiByte
GetCPInfo
lstrcpyA
CreateDirectoryExW
GetFileAttributesA
GetCalendarInfoW
CreateMutexA
MapViewOfFileEx
LeaveCriticalSection
VirtualQuery
GetProfileStringW
GetTempPathW
RtlMoveMemory
FindResourceW
EnumResourceNamesA
WriteConsoleW
GetProcAddress
MapViewOfFile
SetHandleCount
FreeLibraryAndExitThread
LoadLibraryExA
FreeEnvironmentStringsW
GetFileType
GetNumberFormatW
GetTimeFormatW
GetSystemDirectoryW
LoadLibraryA
WriteFile
VirtualFree
GetProcessHeap
FlushConsoleInputBuffer
ReadConsoleInputW
GetModuleHandleA
OpenMutexA
ExitProcess
SetConsoleCP
CompareStringA
TerminateThread
EnumSystemCodePagesW
AddAtomW
lstrcpynA
SetLastError
GetACP
SetWaitableTimer
GetVersion
GlobalDeleteAtom
DeleteCriticalSection
TlsFree
GetWindowsDirectoryA
GetOEMCP
GetConsoleMode
DeleteFileA
InterlockedExchangeAdd
MultiByteToWideChar
GetStringTypeExA
CloseHandle
GetStdHandle
GetTickCount
LCMapStringW
RtlUnwind
GetLastError
HeapAlloc
GetSystemTime
EnumDateFormatsW
SetStdHandle
GetCurrentProcess
CreateSemaphoreW
EnumCalendarInfoExA
WritePrivateProfileStringA
EnumCalendarInfoA
EnterCriticalSection
TerminateProcess
WriteConsoleInputW
GetCurrentThreadId
ReadConsoleOutputA
InterlockedCompareExchange
CommConfigDialogW
GetTimeZoneInformation
InitializeCriticalSection
VirtualAlloc
TlsSetValue
GetStringTypeA
WaitNamedPipeW
ReadFile
OpenFileMappingW
lstrlenA
GetEnvironmentStrings
FillConsoleOutputAttribute
GetLocalTime
InterlockedIncrement
GetStringTypeW
RemoveDirectoryA
SetThreadContext
LCMapStringA
HeapReAlloc
FoldStringW
SetFilePointer

shell32

ShellExecuteA

advapi32

LookupSecurityDescriptorPartsW
RegCreateKeyW
RegDeleteValueW
CryptImportKey
RegEnumKeyExW
CryptGetDefaultProviderW
GetUserNameW
LogonUserA
RegSaveKeyA
RegOpenKeyA
LookupPrivilegeNameW
CryptCreateHash
CryptDuplicateHash
RegLoadKeyW
CryptVerifySignatureW
CryptAcquireContextA
RegOpenKeyExW
CryptGetKeyParam
LookupPrivilegeDisplayNameA
InitiateSystemShutdownA

comctl32

CreateStatusWindowW
CreatePropertySheetPageW
ImageList_LoadImageA
ImageList_GetImageRect
CreateStatusWindowA
ImageList_SetFlags
ImageList_GetFlags
ImageList_DragLeave
ImageList_EndDrag
InitCommonControlsEx
CreateToolbarEx
ImageList_SetIconSize
CreateStatusWindow
GetEffectiveClientRect
ImageList_GetIcon
CreatePropertySheetPageA
ImageList_GetDragImage
CreateMappedBitmap
ImageList_DrawEx
ImageList_Create
CreateToolbar

user32

SwitchDesktop
EnableScrollBar
RegisterClassExA
GetUpdateRect
DdeCreateStringHandleA
DlgDirSelectComboBoxExW
GetClassNameW
SetClipboardViewer
DestroyWindow
PeekMessageW
DdeQueryNextServer
BeginDeferWindowPos
ShowWindow
GetMessageW
GetKeyboardLayoutNameA
InvalidateRgn
wvsprintfA
GetClipCursor
GetThreadDesktop
GrayStringW
DestroyAcceleratorTable
CharToOemW
SystemParametersInfoW
CopyIcon
InsertMenuItemA
DdeNameService
LoadMenuA
CharLowerW
GetInputState
CheckMenuRadioItem
MessageBoxW
IsDialogMessageA
DdeQueryStringA
RegisterClassA
FlashWindowEx
OemKeyScan
LoadCursorFromFileA
CloseWindowStation
CreateWindowExA
DrawFrameControl
GetMenuInfo
WaitMessage
ToAsciiEx
VkKeyScanA
GetUserObjectInformationW
AnimateWindow
GetWindowDC
IsChild
RegisterClassExW
GetProcessDefaultLayout
SetSystemCursor
CharLowerBuffW
UnregisterDeviceNotification
IsDialogMessageW
DdeQueryConvInfo
MapWindowPoints
SystemParametersInfoA
GetMessageA
SetDeskWallpaper
SetPropW
TranslateAcceleratorA
SetPropA
CharUpperBuffW
MsgWaitForMultipleObjects
DefWindowProcW

comdlg32

ChooseColorW
ReplaceTextA
GetFileTitleW
ChooseFontA

gdi32

GetObjectA
GdiPlayJournal
AddFontResourceW
CreateDCW
DeleteDC
GetDeviceCaps
DeleteObject

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 456KB - Virtual size: 454KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e45d5dd482676d0b9fc5aa2b55f723c2

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

advapi32

comctl32

user32

comdlg32

gdi32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 456KB - Virtual size: 454KB

.data Size: 132KB - Virtual size: 136KB

.rsrc Size: 60KB - Virtual size: 59KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 456KB - Virtual size: 454KB

.data
Size: 132KB - Virtual size: 136KB

.rsrc
Size: 60KB - Virtual size: 59KB