26f4ad97b00da6d2035d0f2ad20405f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26f4ad97b00da6d2035d0f2ad20405f3_JaffaCakes118
Size

522KB
MD5

26f4ad97b00da6d2035d0f2ad20405f3
SHA1

2c9883ee6f2ed904a849e079ccb6b9b9a1a37a22
SHA256

7331f576b64e830dd9198b549616470586f4cb3cf7ecb2ae60fa86f30ab31edc
SHA512

f29d8e0e75cbefeda704302259c6adeb4ae4a52fdc7ae0d97c2ab0021481e73ca645e82b264ca8c6a2af255981a3628b85644eceb737beb0f7be717e7502e40a
SSDEEP

12288:yE8JHZpRpg7k9yw9z1/J9xeLYJoRgV5Lh8hWyyCrmXOCuk3ZBR:yEATJxVUWHCrAOCukB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f4ad97b00da6d2035d0f2ad20405f3_JaffaCakes118

Files

26f4ad97b00da6d2035d0f2ad20405f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f0a975789cde26eacfafe1bd733b839

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\epanoey\boefqke.pdb

Imports

comctl32

ImageList_DrawEx
ImageList_SetBkColor
ImageList_Draw
ImageList_LoadImageW
ImageList_DrawIndirect
ImageList_DragMove
InitCommonControlsEx
CreateUpDownControl
ImageList_Add
DrawStatusText
ImageList_Remove

shell32

DuplicateIcon
SHGetDataFromIDListA
DragFinish
FreeIconList

comdlg32

ReplaceTextW
ChooseColorA
GetSaveFileNameA

user32

LoadKeyboardLayoutA
HideCaret
GetQueueStatus
DefWindowProcA
MessageBoxA
SetCapture
RegisterClassExA
DestroyWindow
LoadMenuIndirectW
ImpersonateDdeClientWindow
SetWindowPos
ChangeDisplaySettingsA
GetDC
DlgDirListA
CreateIcon
GetTabbedTextExtentW
ShowWindow
RegisterClassA
CreateWindowExW
GetClipCursor

gdi32

GetEnhMetaFileBits
GetBoundsRect
GetICMProfileW
PlayMetaFile
LineTo
GetRandomRgn
CreateBrushIndirect
SetPixelV
GetAspectRatioFilterEx
GetLayout
EnumFontFamiliesExW
CreateDiscardableBitmap
GetMiterLimit
SetLayout
EnumFontFamiliesExA
EndPath
EnumObjects
UpdateICMRegKeyA

kernel32

QueryPerformanceCounter
VirtualAlloc
SetFilePointer
FreeEnvironmentStringsW
InterlockedExchange
EnumCalendarInfoExW
EnterCriticalSection
SetConsoleCP
InterlockedDecrement
GetFileType
HeapCreate
GlobalFlags
MapViewOfFileEx
lstrcmpA
SetLastError
GetModuleHandleA
VirtualFree
GetSystemTimeAsFileTime
GetVersion
GetLocalTime
GetTimeZoneInformation
GetLastError
GetOEMCP
TlsAlloc
HeapFree
HeapReAlloc
GetEnvironmentStrings
OpenMutexA
HeapAlloc
GetThreadPriorityBoost
DeleteCriticalSection
UnhandledExceptionFilter
CompareStringW
ExitProcess
CreateMutexA
CloseHandle
DebugBreak
GetSystemTime
WriteFile
GetCPInfo
TlsGetValue
GetCurrentThread
EnumCalendarInfoExA
GetCompressedFileSizeW
GetCurrentProcessId
FreeEnvironmentStringsA
GetStdHandle
SetStdHandle
TerminateProcess
RaiseException
HeapDestroy
IsBadWritePtr
ReadFile
GetStringTypeA
GetTickCount
CreateWaitableTimerA
MultiByteToWideChar
GetProcAddress
InterlockedIncrement
SetHandleCount
LCMapStringW
GetACP
EnumResourceNamesA
CompareStringA
GlobalFree
LeaveCriticalSection
GetStartupInfoA
LoadLibraryA
ResetEvent
TlsSetValue
GetCurrentThreadId
GetPrivateProfileStringW
GetModuleFileNameA
GetCommandLineA
ContinueDebugEvent
WideCharToMultiByte
TlsFree
FlushFileBuffers
SetEnvironmentVariableA
DeleteFileA
InitializeCriticalSection
GetStringTypeW
ConvertDefaultLocale
RtlUnwind
GetEnvironmentStringsW
LCMapStringA
GetCurrentProcess
VirtualQuery
GetConsoleCursorInfo

wininet

IncrementUrlCacheHeaderData
InternetInitializeAutoProxyDll

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 212KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 105KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1f0a975789cde26eacfafe1bd733b839

Headers

File Characteristics

PDB Paths

Imports

comctl32

shell32

comdlg32

user32

gdi32

kernel32

wininet

Sections

.text Size: 195KB - Virtual size: 195KB

.rdata Size: 212KB - Virtual size: 235KB

.data Size: 105KB - Virtual size: 105KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 212KB - Virtual size: 235KB

.data
Size: 105KB - Virtual size: 105KB

.rsrc
Size: 8KB - Virtual size: 7KB