26f05b88ce2693f45c7440ec758c8712_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26f05b88ce2693f45c7440ec758c8712_JaffaCakes118
Size

516KB
MD5

26f05b88ce2693f45c7440ec758c8712
SHA1

9743c623530b2c4ad2988373e6195e0450dc25b0
SHA256

99a3b3824a8fcc6e7cee7561e5e9865c83b8e0c1c78dd10928c87f1f63e16763
SHA512

342451eb4065e0d966dc7bd96c92cdd4f3d0e78d343f13bc0e5cf6f93bf8f16ea6f05842062eecbe6d45a5c19b7f54994760c703ea0a62b88e2f19e83b870e88
SSDEEP

12288:mMRXLZyLznJd9hGLwNGaTDQpnfMSoy9Qvm6nEK8O2:1RX9yLzJdDGsNGXfMSoJBEKf2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f05b88ce2693f45c7440ec758c8712_JaffaCakes118

Files

26f05b88ce2693f45c7440ec758c8712_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7bf8b9cc816b378d67d9e6d5e9a9b61b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
GetOEMCP
SetCurrentDirectoryA
VirtualAlloc
LeaveCriticalSection
GetVersion
ExitProcess
GetTickCount
Sleep
HeapDestroy
FindClose
GlobalAlloc
FindResourceW
LoadResource
SetUnhandledExceptionFilter
GetFileAttributesW
TerminateProcess
LocalFree
SetEvent
GetFullPathNameA
OutputDebugStringA
GetStringTypeW
FindFirstFileW
GetSystemTimeAsFileTime
CloseHandle
CreateFileA
InterlockedExchange
ReadFile
lstrcmpA
GetModuleHandleA
GetStringTypeA
GetFileAttributesA
WideCharToMultiByte
CompareStringA
SetFilePointer
SetStdHandle
HeapSize
TlsFree
GetProcAddress
VirtualProtect
FreeEnvironmentStringsW
SetErrorMode
GetCPInfo
GetModuleHandleW
lstrcatA
GetConsoleOutputCP
GetCurrentProcessId
GetLocaleInfoA
GetEnvironmentStrings
GetCurrentProcess
GetLocalTime
LoadLibraryA
GetModuleFileNameA
FlushFileBuffers
GetEnvironmentStringsW
HeapAlloc
IsDebuggerPresent
FindFirstFileA
LCMapStringA
FreeLibrary
WaitForSingleObject
GlobalFree
GetModuleFileNameW
HeapCreate
HeapFree
GetLastError
GetProcessHeap
GetStartupInfoA
GetCommandLineA
UnhandledExceptionFilter
FreeEnvironmentStringsA
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
GetVersionExA
VirtualFree
RtlUnwind
WriteFile
InterlockedDecrement
InitializeCriticalSection
EnterCriticalSection
GetACP
HeapReAlloc
MultiByteToWideChar
LCMapStringW

user32

SetForegroundWindow
GetDesktopWindow
LoadIconA
GetDlgItem
SetWindowTextA
SetWindowPos
MessageBoxA
DispatchMessageA
GetWindowRect
ReleaseDC
PeekMessageA

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ycowyec
Size: 440KB - Virtual size: 437KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

igaqai
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

coysye
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7bf8b9cc816b378d67d9e6d5e9a9b61b

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 29KB

ycowyec Size: 440KB - Virtual size: 437KB

igaqai Size: 20KB - Virtual size: 20KB

coysye Size: 20KB - Virtual size: 17KB

.text
Size: 32KB - Virtual size: 29KB

ycowyec
Size: 440KB - Virtual size: 437KB

igaqai
Size: 20KB - Virtual size: 20KB

coysye
Size: 20KB - Virtual size: 17KB