26f41c0d9b48462658359b42af9b3e05_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26f41c0d9b48462658359b42af9b3e05_JaffaCakes118
Size

216KB
MD5

26f41c0d9b48462658359b42af9b3e05
SHA1

71932dac468f4c3b35a72b3afa4822896180c454
SHA256

41c5b9b110b3b5f5b381c819c4bc82bb5ca1423b6322f2535083de02eb7b351b
SHA512

de8c53440e0c5d6783ec0c460438f144cecc59e325f7b9ccb8d2a72b4903cccbc1c6228e8319cd160519529be11fdef0ff472e8d2b118c57c478fae5595b732a
SSDEEP

3072:8tI3Ucoim+SGPUoOBKD3aIIctyNkghnOjLH+Xhb6CXLNJVQK8kI9yOeKE54MsY:8pNimEPUoOBO3aROtgOjLHcrpoq4ZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f41c0d9b48462658359b42af9b3e05_JaffaCakes118

Files

26f41c0d9b48462658359b42af9b3e05_JaffaCakes118
.exe windows:4 windows x86 arch:x86

34b0bf3dc060ce00947959566006ddf4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitialize
CoCreateInstance

kernel32

GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapReAlloc
RaiseException
ExitProcess
HeapSize
GetCPInfo
GetACP
TerminateProcess
FileTimeToLocalFileTime
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
RtlUnwind
GetOEMCP
GetTimeZoneInformation
FileTimeToSystemTime
WriteFile
GetFileType
GetStringTypeA
GetStringTypeW
GetDriveTypeA
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
GetLocaleInfoA
SetStdHandle
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
WaitForSingleObject
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
SetErrorMode
GetProcessVersion
WritePrivateProfileStringA
GlobalFlags
MulDiv
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetFileTime
SystemTimeToFileTime
LocalFileTimeToFileTime
GetFileTime
GetFileSize
GetFileAttributesA
FindNextFileA
SetLastError
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GetVersion
LocalFree
GetFullPathNameA
lstrcpynA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcmpiA
GetVersionExA
DeleteFileA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetEnvironmentStrings
GetEnvironmentStringsW
GetCurrentThreadId
ReadFile
GetLastError
OpenProcess
CreateFileA
DuplicateHandle
InterlockedDecrement
InterlockedIncrement
GlobalUnlock
GlobalFree
LockResource
FindResourceA
LoadResource
ReleaseMutex
CreateMutexA
SetHandleCount
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetCurrentProcess
GetModuleFileNameA
GetUserDefaultLangID
GetCurrentThread
WinExec
RemoveDirectoryA
GetSystemDirectoryA
CopyFileA
SetFileAttributesA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetTempFileNameA
CreateDirectoryA
FormatMessageA
MultiByteToWideChar
GetTempPathA
lstrlenA
HeapFree
lstrcpyA
HeapAlloc
WideCharToMultiByte
GetProcessHeap
CloseHandle

user32

ScreenToClient
EndDeferWindowPos
BeginDeferWindowPos
GetClientRect
DeferWindowPos
ScrollWindow
AdjustWindowRectEx
GetSysColor
MapWindowPoints
SystemParametersInfoA
GetClassNameA
PtInRect
ClientToScreen
GetDC
ReleaseDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
GrayStringA
LoadCursorA
GetSysColorBrush
LoadStringA
EqualRect
CopyRect
InvalidateRect
GetMenuItemCount
GetSubMenu
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
WinHelpA
SetMenu
GetMenu
GetClassInfoA
LoadMenuA
DestroyMenu
GetDesktopWindow
GetWindow
GetCapture
ReleaseCapture
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
RegisterWindowMessageA
SetScrollInfo
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
SetFocus
IsWindowEnabled
ShowWindow
SetWindowLongA
GetDlgCtrlID
GetWindowTextA
SetWindowTextA
GetWindowLongA
IsDialogMessageA
SendDlgItemMessageA
GetDlgItem
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetParent
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
MessageBoxA
SetCursor
ShowOwnedPopups
SendMessageA
PostQuitMessage
EnableWindow
wsprintfA
KillTimer
PostMessageA
SetTimer
LoadIconA
FindWindowA
UpdateWindow
ShowScrollBar
SetScrollRange
GetScrollPos
SetScrollPos
RegisterClassA
GetTopWindow
IsChild
GetClassLongA
DefWindowProcA
CreateWindowExA
GetForegroundWindow
SetPropA
UnhookWindowsHookEx
CallWindowProcA
SetForegroundWindow
GetPropA
GetMessagePos
RemovePropA
GetMessageTime
BringWindowToTop
GetWindowRect
GetLastActivePopup
SetActiveWindow
IsIconic
IsWindow
CharUpperA
SetWindowPos
EndDialog
WindowFromPoint
UnregisterClassA

gdi32

SetTextColor
GetObjectA
DeleteObject
DeleteDC
SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateBitmap
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SetBkColor
GetDeviceCaps
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape

comdlg32

GetFileTitleA

winspool.drv

AddPrinterDriverA
DeleteMonitorA
AddMonitorA
GetPrinterDriverA
DocumentPropertiesA
SetPrinterA
GetPrinterA
EnumPrintersA
GetPrinterDriverDirectoryA
EnumPrinterDriversA
OpenPrinterA
ClosePrinter

advapi32

RegEnumValueA
CreateProcessAsUserA
CopySid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetValueExA
RegQueryValueExA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
LookupAccountSidA
OpenThreadToken
OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
FreeSid
EqualSid

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
DragFinish
DragQueryFileA

comctl32

ord17
ImageList_Destroy

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

34b0bf3dc060ce00947959566006ddf4

Headers

File Characteristics

Imports

ole32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 161KB - Virtual size: 161KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 17KB - Virtual size: 31KB

.rsrc Size: 1024B - Virtual size: 26KB

.text
Size: 161KB - Virtual size: 161KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 17KB - Virtual size: 31KB

.rsrc
Size: 1024B - Virtual size: 26KB