26f58cd2848650c82d49ace6e7871796_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26f58cd2848650c82d49ace6e7871796_JaffaCakes118
Size

180KB
MD5

26f58cd2848650c82d49ace6e7871796
SHA1

89f515b8efd3b727ee8ea5891ada1f2c0df445cf
SHA256

9462bc90d072e72dd0c77ca7e45c58ad71e0f4bb1b60174eaf7add4d67ac9a6b
SHA512

e17e719e2218d3d776bc41b9f840d65c4c69091cd73325f14af428ddc6a2231da5bac2a5988f3f0bac4b2b48545a2dd80a99b1f637af9f72743bf779452d8d08
SSDEEP

3072:aqSZtqYYixmUIsWI0oOtUCAPZizvNOcQcHKFjQu4h8Rql:zSOYbMiyUmoy78R2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f58cd2848650c82d49ace6e7871796_JaffaCakes118

Files

26f58cd2848650c82d49ace6e7871796_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0dd6b1f4888bb3cb79d01f183ea34fe2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

GetErrorInfo
SafeArrayUnaccessData
OleLoadPicture
SafeArrayPtrOfIndex
VariantCopyInd
SafeArrayGetElement
VariantChangeType
SysReAllocStringLen
SafeArrayCreate
SafeArrayGetUBound

comctl32

ImageList_DragShowNolock
ImageList_Destroy
ImageList_Remove
ImageList_DrawEx
ImageList_GetBkColor
ImageList_Read
ImageList_Create
ImageList_Write
ImageList_Add

ole32

WriteClassStm
GetHGlobalFromStream
PropVariantClear
MkParseDisplayName
CoGetContextToken
CoFreeUnusedLibraries
CoDisconnectObject
ReleaseStgMedium
CreateOleAdviseHolder

gdi32

SetBkMode
GetBitmapBits
GetCurrentPositionEx
GetPaletteEntries
GetClipBox

user32

IsCharUpperA
CharUpperA
PeekMessageW
PostQuitMessage
RedrawWindow
PtInRect
LoadIconA
IsWindow
wsprintfA

comdlg32

GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA
ChooseColorA

kernel32

lstrlenA
GetProcessHeap
lstrcpynA
VirtualAllocEx
lstrcmpiA

shlwapi

SHEnumValueA
PathIsDirectoryA
PathFileExistsA

advapi32

RegEnumKeyExA

shell32

SHGetFolderPathA
SHGetDesktopFolder
SHGetDiskFreeSpaceA

Exports

Exports

_T@20
_6
x@20

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 219KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 919B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dd6b1f4888bb3cb79d01f183ea34fe2

Headers

File Characteristics

Imports

oleaut32

comctl32

ole32

gdi32

user32

comdlg32

kernel32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 14KB

.data Size: 144KB - Virtual size: 219KB

.tls Size: 1024B - Virtual size: 919B

.rdata Size: 2KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 14KB - Virtual size: 14KB

.data
Size: 144KB - Virtual size: 219KB

.tls
Size: 1024B - Virtual size: 919B

.rdata
Size: 2KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 15KB - Virtual size: 15KB