26e18f0750e271fd8019fe4b76cfd9fb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26e18f0750e271fd8019fe4b76cfd9fb_JaffaCakes118
Size

637KB
MD5

26e18f0750e271fd8019fe4b76cfd9fb
SHA1

6298a12a9bbb3b8520c3c76db82314d532639d9b
SHA256

fe73e3563c5f5c4cb2560cd2cb3366960ed076ac3031d01babbccd03c7e1730a
SHA512

b986084a4606a17ac8b2513aeaa1f9bc60c4ad7d005389aa86a8b0c7940e5d01a9960d8f2fc00c79b147a455f6a1b01659faa9744a185def0249aa7fb1e6a8d6
SSDEEP

12288:tzpnUhsRp30WumBOIZ5Q1DUbtQkAhCvzv1xF/HfKIUMnDpyvqug9sez/n3DVSp:tzpUhs70YOo5QVUbtQkAhCvzv1xF/HiX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e18f0750e271fd8019fe4b76cfd9fb_JaffaCakes118

Files

26e18f0750e271fd8019fe4b76cfd9fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5294ee23b6da0abafdf5f1ad6369d602

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\fvqmeazk

Imports

kernel32

InitializeCriticalSection
GetCurrentThreadId
GetCommandLineA
WriteFile
GetUserDefaultLCID
GetOEMCP
OpenMutexA
SetFilePointer
TlsSetValue
QueryPerformanceCounter
CloseHandle
GetSystemDefaultLCID
GetDateFormatA
GetTickCount
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
FoldStringW
OpenMutexW
TerminateProcess
FlushFileBuffers
HeapDestroy
HeapCreate
LeaveCriticalSection
HeapReAlloc
lstrcmpiA
SetSystemTime
GetSystemTimeAsFileTime
VirtualAlloc
GetStringTypeA
InterlockedExchange
GetModuleFileNameA
SetStdHandle
WriteProfileSectionW
FreeEnvironmentStringsA
DeleteCriticalSection
CreateMutexA
EnterCriticalSection
ExitProcess
GetLocaleInfoW
GetStdHandle
LoadLibraryA
GetModuleHandleA
HeapFree
IsBadWritePtr
CompareStringA
IsValidLocale
RtlUnwind
GetProfileSectionW
UnhandledExceptionFilter
ReadFile
GetEnvironmentStrings
OpenSemaphoreA
GetLocaleInfoA
GetTimeZoneInformation
EnumCalendarInfoA
TlsFree
HeapSize
GetVersionExA
HeapAlloc
GetSystemInfo
LCMapStringW
CompareStringW
GetStartupInfoA
EnumSystemLocalesA
GetCurrentProcessId
EnumDateFormatsExW
FindFirstFileExW
VirtualFree
GetStringTypeW
EnumResourceNamesA
GetCurrentProcess
GetCPInfo
VirtualProtect
WideCharToMultiByte
IsValidCodePage
GetTimeFormatA
MultiByteToWideChar
GetCurrentThread
GetEnvironmentStringsW
GetFileAttributesA
LCMapStringA
SetHandleCount
GetLastError
FreeEnvironmentStringsW
GetFileType
GetACP
GetPrivateProfileSectionNamesA
SetLastError
VirtualQuery
GetProcAddress

comctl32

ImageList_DragMove
ImageList_Copy
DrawInsert
ImageList_DragShowNolock
DrawStatusTextW
ImageList_SetFlags
CreatePropertySheetPageA
CreatePropertySheetPageW
_TrackMouseEvent
InitCommonControlsEx
ImageList_Add
ImageList_SetIconSize
ImageList_GetImageCount
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_DrawIndirect
ImageList_SetFilter
InitMUILanguage
ImageList_GetIcon
ImageList_SetOverlayImage

user32

GetClassLongW
GetTopWindow
VkKeyScanExW
FindWindowA
CreateWindowExW
GetMenuDefaultItem
IsWindow
GetClassNameW
IsCharAlphaNumericW
GetUpdateRect
DrawTextExA
MapVirtualKeyA
SetMenuInfo
RegisterClipboardFormatW
DdeReconnect
VkKeyScanW
RegisterClassA
ShowWindow
RegisterClassExA
MessageBoxW
GetDialogBaseUnits
LoadMenuIndirectA

Sections

.text
Size: 473KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5294ee23b6da0abafdf5f1ad6369d602

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 473KB - Virtual size: 472KB

.rdata Size: 30KB - Virtual size: 43KB

.data Size: 109KB - Virtual size: 109KB

.rsrc Size: 23KB - Virtual size: 23KB

.text
Size: 473KB - Virtual size: 472KB

.rdata
Size: 30KB - Virtual size: 43KB

.data
Size: 109KB - Virtual size: 109KB

.rsrc
Size: 23KB - Virtual size: 23KB