e26d839d695210edbcaee8fa6dc4bfb1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e26d839d695210edbcaee8fa6dc4bfb1_JaffaCakes118
Size

216KB
MD5

e26d839d695210edbcaee8fa6dc4bfb1
SHA1

cd65098c50ee08a794b8d30a285ee6941f2524d6
SHA256

b6ee890b213c2f10061f8198d4f1b744e04f1a7aa42535d55288f90249372458
SHA512

2090a1bab0a0435708e9eef8abab27ef1eccd2f9b3ef496f9b1f7bd7b895e6a5d6459f0fad8faa7d72cad507c27478d3efc3163b5853149d7f8f4ce44d7adadd
SSDEEP

3072:ZPnI5MkVSenPBDE8jjUJLlQShUyjxs5+GrnQU9kHBqSvL2SOIYNzWu2VlDkQDaRA:ZfIlVSKJDdA9sTrnQU9kTv6SOIYEkQAA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e26d839d695210edbcaee8fa6dc4bfb1_JaffaCakes118

Files

e26d839d695210edbcaee8fa6dc4bfb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44d0c8c446e8b4edb1adc5bf2358f29a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
GetCPInfo
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
IsValidCodePage
GetEnvironmentVariableA
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
HeapFree
HeapAlloc
EnumSystemLocalesA
GetUserDefaultLCID
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
GetLocaleInfoW
LCMapStringA
LCMapStringW
SetFilePointer
SetStdHandle
FlushFileBuffers
SetErrorMode
FindFirstFileA
CreateFileA
CreateFileMappingA
MapViewOfFile
ReadFile
UnmapViewOfFile
CloseHandle
LoadResource
SizeofResource
LockResource
FreeResource
FindResourceA
FindResourceExA
FreeLibrary
GetCurrentThreadId
LoadLibraryA
GetLastError
CreateProcessA
WideCharToMultiByte
GetVersionExA
GetCurrentProcess
GetSystemDirectoryA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLCID
GetPrivateProfileStringA
lstrcatA
GetLocaleInfoA
GetWindowsDirectoryA
SetThreadLocale
lstrcpyA
GetModuleFileNameA
lstrcmpiA
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrlenA
HeapDestroy
lstrcpynA

user32

MessageBoxA
PostQuitMessage
SetTimer
GetForegroundWindow
LoadMenuA
GetSubMenu
EnableMenuItem
GetWindowThreadProcessId
AttachThreadInput
TrackPopupMenu
ModifyMenuA
DeleteMenu
DialogBoxParamA
SetForegroundWindow
WinHelpA
SetDlgItemTextA
UpdateWindow
GetAsyncKeyState
RemovePropA
SetFocus
SetPropA
GetPropA
CreatePopupMenu
InsertMenuItemA
CheckMenuItem
EnumDisplaySettingsA
DrawIcon
EnumWindows
ExitWindowsEx
MoveWindow
ShowWindow
ChangeDisplaySettingsA
GetSystemMetrics
GetMessageA
TranslateMessage
DispatchMessageA
RegisterWindowMessageA
CreateWindowExA
LoadIconA
FindWindowA
GetWindowTextA
SetWindowTextA
SetWindowPos
BeginDeferWindowPos
EnumChildWindows
EndDeferWindowPos
InvalidateRect
GetClassNameA
GetWindowRect
DeferWindowPos
SetWindowLongA
OffsetRect
DrawEdge
FillRect
DrawIconEx
GetSystemMenu
GetDesktopWindow
GetWindow
DrawStateA
DestroyIcon
SystemParametersInfoA
RegisterClassA
LoadCursorA
SetCapture
ReleaseCapture
SendMessageA
DrawTextA
SetMenuItemInfoA
GetMenuItemCount
GetMenuItemInfoA
CheckMenuRadioItem
LoadImageA
InsertMenuA
EndDialog
GetDlgItem
CheckDlgButton
EnableWindow
CheckRadioButton
PostMessageA
GetDlgItemInt
SendDlgItemMessageA
IsDlgButtonChecked
wsprintfA
KillTimer
GetWindowDC
GetSysColor
IsWindowEnabled
GetDC
ReleaseDC
CopyImage
GetUpdateRect
CopyRect
BeginPaint
EndPaint
GetWindowLongA
IsWindowVisible
GetClientRect
GetParent
DefWindowProcA
GetCursorPos
MapWindowPoints
PtInRect
SetCursor
DestroyMenu

gdi32

StretchBlt
RealizePalette
SelectPalette
GetCurrentObject
UpdateColors
SetStretchBltMode
CreateDIBitmap
CreatePalette
CreateFontIndirectA
CreateSolidBrush
MoveToEx
LineTo
Ellipse
CreatePen
GetTextExtentPoint32A
GetTextMetricsA
GetStockObject
GetDeviceCaps
CreateCompatibleDC
Rectangle
SelectClipRgn
CreateRectRgn
Polygon
SetTextColor
ExtSelectClipRgn
GetTextColor
SetBkMode
GetPaletteEntries
CreateDIBSection
ExtTextOutA
GetTextExtentPointA
ExtEscape
SelectObject
GetObjectA
DPtoLP
CreateBitmap
CreateCompatibleBitmap
GetMapMode
SetMapMode
BitBlt
GetPixel
SetBkColor
CreatePatternBrush
PatBlt
CreateDCA
DeleteDC
DeleteObject

advapi32

AdjustTokenPrivileges
RegQueryValueExA
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueA
RegCloseKey
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA

shell32

FindExecutableA
Shell_NotifyIconA

comctl32

PropertySheetA
CreatePropertySheetPageA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

winmm

timeGetTime

Sections

.text
Size: 84KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 20KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.prdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44d0c8c446e8b4edb1adc5bf2358f29a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

version

winmm

Sections

.text Size: 84KB - Virtual size: 81KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 29KB

.rsrc Size: 24KB - Virtual size: 23KB

.prdata Size: 72KB - Virtual size: 72KB

.text
Size: 84KB - Virtual size: 81KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 29KB

.rsrc
Size: 24KB - Virtual size: 23KB

.prdata
Size: 72KB - Virtual size: 72KB