26d1fdb93efc30012b0267804328d21c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26d1fdb93efc30012b0267804328d21c_JaffaCakes118
Size

308KB
MD5

26d1fdb93efc30012b0267804328d21c
SHA1

7fcccac2102b6099b0f56edd1d05186decc09c64
SHA256

5398ecca123d4f2b0732af6900b6532304fb97f717a916edc9e7955779c155d2
SHA512

1bb09b3038de59731919daa1f2eef33018fcfdea847f2542c2edd92e49d183ec4b2d75e50e6682b44fe4c90a94ffcafe1fad6f71ba03c919c077a74cd189322b
SSDEEP

6144:nQM1gggf4e4eTSSro9OdB2IS6ZER960+eEexaEOFxVPlwYf4x7fdQtbLtSN37Z:nP1gSvSr2iB2l6ij6deHaEOFDlw3Ffd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d1fdb93efc30012b0267804328d21c_JaffaCakes118

Files

26d1fdb93efc30012b0267804328d21c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a4bd3f7ed47e2e7527bbc7b1b0ce66ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
UpdateResourceA
FreeConsole
DeleteCriticalSection
UnlockFileEx
CreateSemaphoreA
BackupSeek
GetTempPathA
lstrcatW
SetEvent
CreateEventW
UnhandledExceptionFilter
SetTapeParameters
CreateIoCompletionPort
CallNamedPipeW
GetCommConfig
lstrcpynA
GetConsoleMode
PostQueuedCompletionStatus
SetConsoleOutputCP
ReadConsoleOutputW
WaitCommEvent
LocalFree
GetPrivateProfileStructA
AddAtomW
EscapeCommFunction
CreateDirectoryA
ReadFileScatter
GetVersionExA
GetUserDefaultLCID
GetPrivateProfileSectionW
SetupComm
GetVolumeInformationA
WriteConsoleA
WritePrivateProfileSectionW
GetProcessTimes
GetStdHandle
GlobalHandle
GetPriorityClass
CreateMutexA
FindResourceExA
HeapDestroy
WriteConsoleOutputCharacterA
_lread
LoadLibraryW
GetSystemTime
SearchPathW
SetUnhandledExceptionFilter
CopyFileW
GetFileSize
VirtualUnlock
ExitThread
WriteProfileStringW
GetStartupInfoW
GetDiskFreeSpaceExA
GetTapeParameters
GetDateFormatW
WriteProcessMemory
FillConsoleOutputCharacterA
GetShortPathNameA
Beep
GetCommandLineA
UnmapViewOfFile
GlobalDeleteAtom
ResumeThread
RemoveDirectoryA
SetConsoleTextAttribute
GetCommandLineW
_llseek
GlobalCompact
GetVersionExW
GetDiskFreeSpaceA
DosDateTimeToFileTime
ExpandEnvironmentStringsA
WritePrivateProfileStringA
ConvertDefaultLocale
SetFileAttributesW
InterlockedExchangeAdd
GetProcessVersion
EnumSystemCodePagesA
FillConsoleOutputCharacterW
GetStringTypeW
QueryDosDeviceA
IsValidLocale
EnumResourceLanguagesW
EnumCalendarInfoA
SetLocalTime
IsDebuggerPresent
DeleteAtom
SetPriorityClass
GetLongPathNameA
IsBadStringPtrW
WriteFileEx
GetWindowsDirectoryA
GetCPInfo
VirtualProtect
CallNamedPipeA
ExitProcess

user32

LoadKeyboardLayoutW
IsDialogMessageW
CreateWindowStationW
GetDoubleClickTime
SetCursor
SetKeyboardState
SetWindowContextHelpId
CharToOemBuffA
IsCharUpperA
DrawFrameControl
DestroyMenu
GetTabbedTextExtentA
OemToCharA
CharPrevA
GetDlgItem
RegisterClassW
GetWindowTextA
GetMessageExtraInfo

gdi32

GetTextColor
GetEnhMetaFilePaletteEntries

comdlg32

GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
PageSetupDlgW

advapi32

RegEnumKeyA
DestroyPrivateObjectSecurity
MakeSelfRelativeSD
EnumDependentServicesA
RegSaveKeyA
CryptGenKey
IsValidSid
RegUnLoadKeyW
OpenSCManagerA
CryptGetKeyParam
RegOpenKeyW
RegOpenKeyExW
RegEnumKeyW
OpenEventLogW
SetFileSecurityW
RegNotifyChangeKeyValue
CryptCreateHash
RegisterServiceCtrlHandlerA
ObjectDeleteAuditAlarmW
RegDeleteKeyA
GetSecurityDescriptorLength
RegSetKeySecurity
CreateProcessAsUserA
RegCloseKey
CryptHashData
StartServiceCtrlDispatcherW
NotifyChangeEventLog
EnumServicesStatusA
GetUserNameA
CryptGetUserKey
GetSecurityDescriptorGroup
GetUserNameW
RegEnumValueW
GetSecurityDescriptorControl
EnumServicesStatusW
CryptDecrypt
DuplicateTokenEx
InitiateSystemShutdownA
MakeAbsoluteSD

ole32

CoGetClassObject

oleaut32

SafeArrayCreate
SafeArrayGetElement

comctl32

ImageList_SetImageCount
ImageList_BeginDrag
ImageList_GetImageInfo

shlwapi

StrCpyNW
PathUndecorateW
PathUnquoteSpacesW
UrlCanonicalizeW
PathGetDriveNumberA
PathIsSameRootW
PathAddBackslashW
PathCombineA
PathCombineW

setupapi

SetupDiCreateDeviceInfoW
SetupInstallFromInfSectionW
SetupDiSetSelectedDevice
SetupDiSetClassInstallParamsA

Sections

.text
Size: 276KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a4bd3f7ed47e2e7527bbc7b1b0ce66ce

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 276KB - Virtual size: 273KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 276KB - Virtual size: 273KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 17KB