d26eaa9ac6fc6635d133ea213f1c1514_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d26eaa9ac6fc6635d133ea213f1c1514_JaffaCakes118
Size

552KB
MD5

d26eaa9ac6fc6635d133ea213f1c1514
SHA1

c24719486319beec7ee78d4dfea86e6342ff48c1
SHA256

0371665256feb49c5287c2378a3b50ee673bf13fd69849fcfa664df1fa3d3410
SHA512

9343656ced0f579f0c2fdeb4cce486e977611ca872234336530780385b830adf879f9cdb0a8d41c381deb57abaa688f9074a74fba6d9d9973ddb594f7881c4a3
SSDEEP

12288:j1CEvLLTRp/0PlnJk69Zd5mzG7D0jdY7uQN3T:J3rAjtmKCdYdN3T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d26eaa9ac6fc6635d133ea213f1c1514_JaffaCakes118

Files

d26eaa9ac6fc6635d133ea213f1c1514_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1d36d508d23bced67c786da9f907191a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

InitiateSystemShutdownA
RegOpenKeyExW
LookupSecurityDescriptorPartsA
RegDeleteKeyW
RegReplaceKeyW

comctl32

InitCommonControlsEx

shell32

SHEmptyRecycleBinW

user32

IsCharAlphaNumericW
InflateRect
SetParent
SendDlgItemMessageW
GetClassLongW
ChangeDisplaySettingsExW
RegisterClassExA
IsDlgButtonChecked
GetScrollPos
ChangeDisplaySettingsA
ReuseDDElParam
EnumWindows
TranslateAcceleratorA
RegisterClassA
CreateMDIWindowW
SendNotifyMessageA
MapDialogRect
UnloadKeyboardLayout
GetMonitorInfoW
ExcludeUpdateRgn
MapVirtualKeyExA

kernel32

TlsSetValue
SetFilePointer
LCMapStringA
HeapDestroy
HeapSize
GetEnvironmentVariableW
HeapReAlloc
InterlockedDecrement
HeapFree
SetConsoleCtrlHandler
GetStringTypeW
FreeEnvironmentStringsW
MoveFileExW
GetOEMCP
VirtualQuery
SetUnhandledExceptionFilter
SetEnvironmentVariableA
GetFileAttributesW
GetDriveTypeA
GetProcAddress
GetDateFormatA
GetEnvironmentStringsW
GetModuleHandleW
SetLastError
GetCurrentThread
GetUserDefaultLCID
GetLocaleInfoW
GetModuleHandleA
ExitProcess
FreeEnvironmentStringsA
ResumeThread
InterlockedExchange
IsValidCodePage
IsValidLocale
SetThreadIdealProcessor
lstrcpynA
OpenMutexA
InitializeCriticalSectionAndSpinCount
UnlockFileEx
GetCurrentProcess
HeapAlloc
GetLocaleInfoA
EnterCriticalSection
VirtualAlloc
ReadFile
MultiByteToWideChar
GetStdHandle
CreateMutexA
GetACP
VirtualFree
IsDebuggerPresent
TlsGetValue
DeleteCriticalSection
GetCPInfo
GetConsoleTitleA
GetStringTypeA
EnumSystemLocalesA
QueryPerformanceCounter
InterlockedIncrement
TlsAlloc
WriteConsoleW
GetFileType
GetTickCount
GlobalFindAtomA
GetConsoleMode
RtlUnwind
GetEnvironmentStrings
WriteConsoleA
GetSystemTimeAsFileTime
DeleteFileA
TerminateProcess
GetModuleFileNameA
LoadLibraryA
DeleteFiber
GetConsoleOutputCP
CreateFileA
Sleep
LCMapStringW
FreeLibrary
FindNextChangeNotification
LeaveCriticalSection
SetStdHandle
GetCommandLineA
SetHandleCount
GetTimeFormatA
WideCharToMultiByte
UnhandledExceptionFilter
GetStartupInfoA
CompareStringW
FlushFileBuffers
GetConsoleCP
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
TlsFree
CompareStringA
GetTimeZoneInformation
WriteFile
GetLastError
HeapCreate
WritePrivateProfileSectionW

gdi32

PlayMetaFileRecord
StretchDIBits
CreatePen
GetObjectA
GetWorldTransform
SetMetaFileBitsEx
GetMetaRgn
GetTextColor
EndPath
ResetDCW
GetTextMetricsW
DeleteMetaFile
GetEnhMetaFileDescriptionA
DeleteObject
TextOutW
EnumObjects
FloodFill
CreateFontA
SetFontEnumeration
GetNearestPaletteIndex
MaskBlt
InvertRgn
CloseMetaFile

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d36d508d23bced67c786da9f907191a

Headers

File Characteristics

Imports

advapi32

comctl32

shell32

user32

kernel32

gdi32

Sections

.text Size: 220KB - Virtual size: 220KB

.rdata Size: 10KB - Virtual size: 35KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 3KB - Virtual size: 3KB

.text
Size: 220KB - Virtual size: 220KB

.rdata
Size: 10KB - Virtual size: 35KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 3KB - Virtual size: 3KB