026ec886b4d077b61b4232d2675ba815_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

026ec886b4d077b61b4232d2675ba815_JaffaCakes118
Size

230KB
MD5

026ec886b4d077b61b4232d2675ba815
SHA1

5cf8ac50edfc23fba4d4ddd4db5bb02c7c4cdef9
SHA256

7250cd5cf64798f1b30bfeb6208df1f00259fefcd39a3b263dd8e75bb52907d2
SHA512

8c3959f890068739667dc11ab33a8dabdc929f23212cb5de101a9a0683ad58893f0cc8e8ce30bf4594061274aea5481648b3c2b1b3125bb060d6f62afc8f5edb
SSDEEP

3072:Myill44WhjvjJdeYPzVaBKpNn9PyekNcWM0MSgmI+dyiWGCXVJA+QntzcMEmcq3m:My/14YhWw0K9bmI+kiOItRcq3hU8Af

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
026ec886b4d077b61b4232d2675ba815_JaffaCakes118

Files

026ec886b4d077b61b4232d2675ba815_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6856b195d7489635f05ad7ee2a197bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadPriority
GetProcessHeap
ReplaceFileW
LoadLibraryExA
WinExec
LoadLibraryA
lstrcmp
lstrcpynA
GetVolumeInformationA
GetModuleFileNameA
GetProcAddress
LocalFree
GetDiskFreeSpaceW
GetVersionExW
GetModuleFileNameW
GetEnvironmentVariableW
RaiseException
MoveFileW
GlobalGetAtomNameA
OpenMutexW
GetStringTypeW
GetLongPathNameW
LocalAlloc
GetLocalTime
CreateEventW
SetComputerNameA
GetCurrentProcessId
EnumCalendarInfoA
GetHandleInformation
Sleep
CreateEventA
GetSystemDefaultLCID
CopyFileExW
IsValidCodePage
GetProcessHeaps
GlobalDeleteAtom
WaitForMultipleObjects
lstrcpyA
SetCurrentDirectoryA

user32

InvalidateRgn
SetWindowPos
GetMenuStringA
WaitForInputIdle
RegisterClassExA
LoadBitmapW
ShowCaret
MonitorFromRect
GetCapture
ShowWindow
SetDlgItemInt
EndMenu
PeekMessageA
CreateAcceleratorTableA
MessageBoxW
DestroyCursor
InsertMenuItemA
WinHelpA
MonitorFromPoint
GetClassInfoExA
FindWindowW
IsMenu
LoadCursorW
GetClassInfoA
PostMessageA
GetKeyboardLayout
RemoveMenu
GetMenuStringW
SetWindowLongW
GetMenuItemRect
SendDlgItemMessageA
OffsetRect
GetMenu
IsIconic
GetScrollPos
DestroyIcon
InsertMenuItemW
wvsprintfA
LoadIconA
CheckMenuItem
EmptyClipboard
RegisterClassW
CharNextA
CharPrevW
UnregisterClassA
ShowCursor
wsprintfA
CharLowerA
TrackPopupMenuEx
keybd_event
WaitMessage
GetForegroundWindow
DialogBoxParamA
RegisterClassExW
AppendMenuW
CreateWindowExA
CharLowerW
CharNextW
LoadImageA
SetDlgItemTextW
GetMessageW
GetMenuState
GetMenuItemInfoW
UnregisterClassW
CreateDialogParamA
EnableWindow
GetKeyboardType
GetClassInfoExW
DialogBoxIndirectParamA
CreateDesktopA
GetCursorPos
DestroyMenu
MessageBeep
GetDCEx
GetActiveWindow
InsertMenuA
LoadMenuIndirectA
CreateDialogIndirectParamA
wsprintfW
GetKeyState
GetSystemMetrics
PeekMessageW
SetDlgItemTextA
DialogBoxParamW
MonitorFromWindow
FindWindowA
MessageBoxIndirectW
GetClassInfoW
AppendMenuA

gdi32

CreatePolygonRgn
CreateScalableFontResourceA
CreateSolidBrush
CreateDIBPatternBrushPt
GetRasterizerCaps
UpdateICMRegKeyW
CreateMetaFileA
CreateICA
GetStockObject
GetEnhMetaFilePixelFormat
GdiGetBatchLimit
GetEnhMetaFileW
RemoveFontResourceExW
GetMetaFileW
CreateBitmap
GetMetaFileA
CreateDIBPatternBrush
CreateFontIndirectW
CreatePen
CreateFontA
SetMetaFileBitsEx
TranslateCharsetInfo

shell32

Shell_NotifyIconA
StrRStrIW
StrChrW
SHCreateDirectoryExA
StrCmpNA
StrStrIW
ExtractAssociatedIconW
SHGetFolderPathA

comdlg32

GetSaveFileNameW
PrintDlgA
FindTextA
PageSetupDlgA
GetFileTitleW
GetOpenFileNameW
GetSaveFileNameA

ole32

CoCreateInstance

urlmon

CoInternetQueryInfo
CoInternetGetSession
URLDownloadA
CoInstall
CoInternetCreateSecurityManager
CoGetClassObjectFromURL
HlinkNavigateMoniker
RegisterMediaTypes
CoInternetCombineUrl
CoInternetCompareUrl
RegisterMediaTypeClass
CreateURLMoniker
FindMimeFromData

wsock32

htons
WSAAsyncGetServByName
WSAAsyncGetProtoByName
WSAUnhookBlockingHook
GetServiceA
rresvport
accept
GetAcceptExSockaddrs
GetServiceW
inet_addr
WSARecvEx
getnetbyname
WSAGetLastError
ntohl
ioctlsocket
SetServiceA

Sections

.RU
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ssrPLC
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RNcIsm
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.Zq
Size: 5KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.D
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.N
Size: 10KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Q
Size: 3KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6856b195d7489635f05ad7ee2a197bf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

urlmon

wsock32

Sections

.RU Size: 4KB - Virtual size: 3KB

.ssrPLC Size: 90KB - Virtual size: 90KB

.RNcIsm Size: 13KB - Virtual size: 13KB

.Zq Size: 5KB - Virtual size: 43KB

.D Size: 88KB - Virtual size: 88KB

.N Size: 10KB - Virtual size: 129KB

.Q Size: 3KB - Virtual size: 132KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.RU
Size: 4KB - Virtual size: 3KB

.ssrPLC
Size: 90KB - Virtual size: 90KB

.RNcIsm
Size: 13KB - Virtual size: 13KB

.Zq
Size: 5KB - Virtual size: 43KB

.D
Size: 88KB - Virtual size: 88KB

.N
Size: 10KB - Virtual size: 129KB

.Q
Size: 3KB - Virtual size: 132KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B