a26c14355040e9570f52a2b3c138a4ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a26c14355040e9570f52a2b3c138a4ba_JaffaCakes118
Size

138KB
MD5

a26c14355040e9570f52a2b3c138a4ba
SHA1

e66506e8d2ca48c863c3129c661ce0c2ab895928
SHA256

828f85ee3a9ab625cf6cdbd461ad0810b9d6a2760dc1002e49834aec0d3a644e
SHA512

c7e49ee0f1ce11cdfd7ec5a24224cea5e33185da362a96c34347f02931f754ba02d6c74d89fa8534539b798f01a1b8dab1eb4c7d8294b05081c0e455d8b889c9
SSDEEP

1536:qSckj8/JOEXaBLHFx3GgGOxrfEWzmbETX+Ad1MuhpitYP0M1AJBnAYhKsI:Sko/JBGltGgbfbm2+u1M4pQYP0GUthZI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26c14355040e9570f52a2b3c138a4ba_JaffaCakes118

Files

a26c14355040e9570f52a2b3c138a4ba_JaffaCakes118
.exe windows:5 windows x86 arch:x86

80305b895296cb971e89819d9cc8a099

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileSectionA
WriteFile
IsDBCSLeadByte
GetOEMCP
WaitForSingleObject
QueryPerformanceCounter
SetHandleInformation
GetAtomNameW
GlobalMemoryStatusEx
lstrlenW
GetProcAddress
GetCommProperties
AddAtomA
GetEnvironmentVariableA
GlobalUnlock
GetStartupInfoW
HeapAlloc
WaitCommEvent
GetSystemTimeAsFileTime
GlobalFindAtomW
GetStringTypeA
lstrcpynW
UnmapViewOfFile
MoveFileExA
HeapFree
HeapSize
InitializeCriticalSection
GetExitCodeThread
ContinueDebugEvent
GlobalDeleteAtom
LoadLibraryA
GetModuleHandleA
GetProcessHeap
GetNumberFormatA
SearchPathW
GetFullPathNameA
GetFileSize
GetFileType
GetCurrentProcessId
SetThreadAffinityMask
CreateMutexA
GetComputerNameExW
CreateThread
GetTickCount
OpenEventW
GetSystemDefaultLangID
GetDriveTypeA
EnumResourceNamesA

user32

ChildWindowFromPointEx
ValidateRect
SetWindowPlacement
DragObject
GetWindowThreadProcessId
TabbedTextOutW
CopyImage
DestroyCursor
CreatePopupMenu
PostThreadMessageW
SetWindowContextHelpId
ReleaseDC
GetDlgItemTextW
HiliteMenuItem
InsertMenuA
GetSystemMenu
MapVirtualKeyA
AppendMenuA
EndPaint
CopyRect
CloseWindow
IsDialogMessageA
PeekMessageA
PostMessageW
GetIconInfo
RegisterDeviceNotificationA
TranslateMessage
DrawMenuBar
GetCaretPos
GetScrollRange
LoadAcceleratorsW
BroadcastSystemMessageW
PeekMessageW
RemoveMenu
IsWindowVisible
GetWindowContextHelpId
GetMenuItemCount
RegisterClassW
TrackPopupMenuEx
IsWindowEnabled
SetPropW
UpdateWindow
TranslateAcceleratorW
InvalidateRgn
GetMessageTime
DispatchMessageA
GetFocus
MoveWindow
GetDC
mouse_event
BeginPaint
CreateCaret
GetSubMenu
MessageBoxExW
SetSysColors
GetMessageA
DialogBoxParamA

crypt32

CertOpenStore
CryptHashPublicKeyInfo
CryptProtectData
CertCloseStore
CertFreeCertificateContext

advapi32

ImpersonateSelf
SetThreadToken
RegQueryInfoKeyW
RegOpenKeyExW
AccessCheckAndAuditAlarmW
GetUserNameW
GetAclInformation
GetSidLengthRequired
ControlService
DuplicateTokenEx
CryptGetHashParam
RegisterEventSourceA
RegQueryValueW

imagehlp

ImageDirectoryEntryToData

gdi32

SetTextAlign
DeleteObject
GetMiterLimit
CreateRoundRectRgn
ExtTextOutA
EndDoc
SelectPalette
GetDIBits
GetBrushOrgEx
ExcludeClipRect
FillRgn
BeginPath
GetTextExtentPoint32A
RectVisible
CreateDiscardableBitmap
CreateBrushIndirect
RestoreDC
DeleteMetaFile
CreatePalette

msvcrt

srand
rand
memset

Exports

Exports

_ModifyRegistry@8
_BmUqk_LJue_Se@16
_ZOM_yizrh_yrk_sr@16
_SaveRegistry@12
_BrQ_hejsm_i@12
_VvOz_ght_zgm_h@16

Sections

.code
Size: - Virtual size: 243KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

80305b895296cb971e89819d9cc8a099

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

crypt32

advapi32

imagehlp

gdi32

msvcrt

Exports

Exports

Sections

.code Size: - Virtual size: 243KB

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 8KB - Virtual size: 8KB

.rsrc Size: 104KB - Virtual size: 104KB

.reloc Size: 1024B - Virtual size: 662B

.code
Size: - Virtual size: 243KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 104KB - Virtual size: 104KB

.reloc
Size: 1024B - Virtual size: 662B