26e8614b85c0808d7d6d4805f00e4c30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26e8614b85c0808d7d6d4805f00e4c30_JaffaCakes118
Size

308KB
MD5

26e8614b85c0808d7d6d4805f00e4c30
SHA1

4de79b9be90364fa66c3534cec7f80af79589b5a
SHA256

821ac1838416397c7dc03d41cabd73bc8229590f5a899540140e0f135632aac3
SHA512

79de62e28abf6bfce7068842e3ee7a3af41f12961a02a1881afd5c567b68be14877049928424f89ce1de060da34555f81e8550b085bc49f1c75ed5050d2d7462
SSDEEP

6144:FIpRmL33vZzBhkAF9aGLw1YF4PeaEYnhK8+U5iTKXBuZJhZDR:apRm7RzBRanA4PIl1U+KXIJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e8614b85c0808d7d6d4805f00e4c30_JaffaCakes118

Files

26e8614b85c0808d7d6d4805f00e4c30_JaffaCakes118
.exe windows:4 windows x86 arch:x86

828ff2266d7183397f2fd1c45f217b85

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SearchPathW
WritePrivateProfileSectionA
GetPrivateProfileSectionW
IsBadReadPtr
WaitNamedPipeA
GetDiskFreeSpaceExA
GetStartupInfoA
VirtualProtect
SetCommMask
GlobalGetAtomNameW
GetFullPathNameA
SetFileAttributesA
ExitProcess
SetProcessAffinityMask
WritePrivateProfileStructA
GetUserDefaultLangID
VirtualQueryEx
GetTickCount
GetDriveTypeW
DuplicateHandle
CloseHandle
EnumResourceLanguagesW
CreateMutexW
_hread
EnumDateFormatsW
SetErrorMode
GetCurrentDirectoryW
GetCommModemStatus
GetProfileIntA
VirtualLock
GlobalFindAtomA
OpenMutexA
VirtualAllocEx
SetProcessShutdownParameters
ReadConsoleInputW
FindNextChangeNotification
LocalLock
SetEvent
GetComputerNameW
SetConsoleMode
Beep
SetFileTime
GetVersionExA
GetCommandLineA
LocalAlloc

user32

ChangeClipboardChain
DialogBoxIndirectParamW
DefDlgProcW
RemovePropA
GetKeyboardState
EndDeferWindowPos
LoadMenuIndirectW
DefFrameProcW
IsWindowEnabled
SetCaretBlinkTime
SetForegroundWindow
GetClipboardOwner
NotifyWinEvent
AdjustWindowRectEx
CreateAcceleratorTableW
LoadMenuA
SetWindowsHookExA
EndPaint
GetWindowDC
GetMenu
BeginDeferWindowPos
MonitorFromRect
GetWindowThreadProcessId
HideCaret
LoadBitmapW
SetClipboardViewer
WindowFromDC
CreateMenu
RegisterDeviceNotificationA
UnhookWinEvent
TrackPopupMenuEx
DefDlgProcA
OpenWindowStationW
SetWindowLongW
EnumDisplaySettingsExA
SetMenuItemInfoW

gdi32

StretchDIBits
ScaleWindowExtEx
CreateFontA
FillRgn
CloseMetaFile
SetWindowExtEx
ArcTo
SetStretchBltMode
PlayEnhMetaFile
CreateHalftonePalette
SetPixel
SetArcDirection
RemoveFontResourceW
DPtoLP
GetViewportExtEx
UpdateColors
Chord
DeleteMetaFile
PatBlt

comdlg32

ReplaceTextW

advapi32

AdjustTokenPrivileges
RegLoadKeyW
AccessCheckAndAuditAlarmW
CreateProcessAsUserA
CryptImportKey
SetTokenInformation
GetServiceDisplayNameW
GetSecurityDescriptorControl
CryptDestroyKey
GetServiceDisplayNameA
CryptAcquireContextW
ImpersonateSelf
GetSidSubAuthority

shell32

FindExecutableA
ShellExecuteA
DragAcceptFiles
SHGetSettings
SHFileOperationA

ole32

CoCreateInstanceEx

oleaut32

SysAllocStringLen
SafeArrayRedim
LoadTypeLi
SafeArrayGetElement
SafeArrayCreate
VariantCopy
SafeArrayPutElement
VariantChangeType
SafeArrayUnaccessData

comctl32

ImageList_Duplicate
CreatePropertySheetPageA

shlwapi

ChrCmpIW
HashData
StrChrIA

setupapi

SetupDiEnumDriverInfoA
SetupDiGetClassDescriptionW
SetupDiBuildDriverInfoList
SetupDiGetClassDevsExA
SetupDiDeleteDeviceInfo
SetupGetInfFileListA
SetupDiOpenDevRegKey

Sections

NuHAy
Size: 276KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

KmGDqA
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

exTHlYc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XkLxRDj
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

828ff2266d7183397f2fd1c45f217b85

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

NuHAy Size: 276KB - Virtual size: 272KB

KmGDqA Size: 8KB - Virtual size: 4KB

exTHlYc Size: 16KB - Virtual size: 13KB

XkLxRDj Size: 4KB - Virtual size: 2KB

NuHAy
Size: 276KB - Virtual size: 272KB

KmGDqA
Size: 8KB - Virtual size: 4KB

exTHlYc
Size: 16KB - Virtual size: 13KB

XkLxRDj
Size: 4KB - Virtual size: 2KB