26ee03e70bb2b5e606d7230e18ec8669_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26ee03e70bb2b5e606d7230e18ec8669_JaffaCakes118
Size

190KB
MD5

26ee03e70bb2b5e606d7230e18ec8669
SHA1

d84f715ea5a89e0a64a320082202ab4127d48928
SHA256

f23f313d7532779f9cdd91e3e607ddc379857e7023bd3b849610b5abf1e1bd2e
SHA512

461359aeb81150af588d994189049e4c1fae2db69aa39def0d365acc06dd88018104e5e75e8a84abd16b57d46709232f8170d61911d95e515b89b9212b79c6a0
SSDEEP

3072:3qi4WOoXpIcbpIgJwysRFW54jvmjFex4dwiB5T3kRPmGZLBwdaI:374KpNbvuE54Dqe8dQLedj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ee03e70bb2b5e606d7230e18ec8669_JaffaCakes118

Files

26ee03e70bb2b5e606d7230e18ec8669_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cb474ed88cdd13c17a0f9534f1b16ed7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

rpcrt4

NdrClientCall
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingSetAuthInfoA
RpcStringFreeA

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_GetIconSize
ImageList_Create
ImageList_Destroy

shlwapi

PathIsRelativeW
PathCanonicalizeW
PathIsRootW
PathIsURLW
PathStripToRootW
PathCombineW

gdi32

CreatePen
AnimatePalette
StrokePath
FlattenPath
PolyBezier
GetBitmapBits
PlgBlt
ExtCreatePen
GetPath
CreateFontIndirectA
GetBkColor
SetTextColor
RoundRect
SetStretchBltMode
SetDIBits

kernel32

FindResourceExA
CreateFiber
CompareStringW
SetEndOfFile
GetFileAttributesA
SetCommConfig
FileTimeToLocalFileTime
GetFileType
GetVersionExW
LocalAlloc
GetProfileStringW
GetFileTime
EnumResourceNamesW
SearchPathW
GetUserDefaultLangID
FileTimeToSystemTime
FlushFileBuffers
LockFile
UnlockFile
GetSystemTime
FlushFileBuffers
GetVolumeInformationW
VerLanguageNameW
IsDBCSLeadByte
GetSystemDirectoryW

user32

ClipCursor
CallNextHookEx
DestroyCursor
SetScrollRange
DrawEdge
ChildWindowFromPoint
DefWindowProcW
SetClipboardData
EmptyClipboard
SetWindowPos
IsClipboardFormatAvailable
MonitorFromWindow
DestroyIcon
WinHelpW
UnhookWindowsHookEx
ToAscii
GetSysColorBrush
SetWindowsHookExW
RegisterClassW
GetSysColor

comdlg32

GetFileTitleA

ole32

StringFromCLSID
CoCreateInstance
CoGetClassObject
CoCreateGuid
CoFreeUnusedLibraries
StgOpenStorageOnILockBytes
CoGetMalloc
CreateStreamOnHGlobal
CLSIDFromProgID
CoTaskMemAlloc
OleRegGetUserType
CLSIDFromString
OleRun
ProgIDFromCLSID
OleDuplicateData
CoTaskMemFree
ReleaseStgMedium
GetHGlobalFromStream
RegisterDragDrop
GetHGlobalFromILockBytes
OleGetAutoConvert
RevokeDragDrop
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cb474ed88cdd13c17a0f9534f1b16ed7

Headers

File Characteristics

Imports

rpcrt4

comctl32

shlwapi

gdi32

kernel32

user32

comdlg32

ole32

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 24KB - Virtual size: 23KB

.lib Size: 512B - Virtual size: 224KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 24KB - Virtual size: 23KB

.lib
Size: 512B - Virtual size: 224KB