26aa2363c75fe35a355ab86942bdc7f0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26aa2363c75fe35a355ab86942bdc7f0_JaffaCakes118
Size

556KB
MD5

26aa2363c75fe35a355ab86942bdc7f0
SHA1

1630c9bac8ae94eb8329678b6dac1fa4521cdde0
SHA256

c1e967f3cc7f220833463ef60f3442a869f3510fa0dea5425af093a1f4183f8d
SHA512

ecf586c4de67c303c75b8f10db010e5063cee2a4744d53ce2859550bc01549927114016cace4a0ec8756692e9f6a04da439752ca7bebfaa6ca29cb6a63c6744b
SSDEEP

12288:oHximv9IgbYQ9pDTYwjIWA8Q/kapRk3yjSRU:oFIWHn6WAH/uy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26aa2363c75fe35a355ab86942bdc7f0_JaffaCakes118

Files

26aa2363c75fe35a355ab86942bdc7f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

63a3d0b07eddd8cd1a8b16b8e215ddde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetTickCount
SetStdHandle
FlushFileBuffers
GetSystemInfo
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
VirtualQuery
InterlockedExchange
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
WriteFile
LCMapStringW
GetThreadPriority
LCMapStringA
GetCPInfo
GetOEMCP
GetACP
HeapSize
SetUnhandledExceptionFilter
GetDriveTypeA
IsBadWritePtr
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetSystemTimeAsFileTime
GetVersionExA
GetCommandLineA
GetStartupInfoA
GetCurrentProcess
TerminateProcess
ExitProcess
HeapAlloc
MultiByteToWideChar
RaiseException
GetFullPathNameA
HeapFree
RtlUnwind
CreateDirectoryA
QueryPerformanceFrequency
CreateMutexA
GetLastError
DeleteFileA
WaitForSingleObject
CreateThread
CreateFileA
CloseHandle
ReadFile
GetFileSize
FindNextFileA
FindFirstFileA
FindClose
GetModuleFileNameA
lstrcmpiA
lstrcmpA
FindResourceA
LoadResource
SizeofResource
LockResource
Sleep
GetCurrentThreadId
GetFileAttributesExA
SetThreadPriority
GetCurrentThread
GetVersion
LoadLibraryA
FreeLibrary
GetProcAddress
QueryPerformanceCounter
GetModuleHandleA
GetCurrentDirectoryA
WideCharToMultiByte
GetFileAttributesA
SetEndOfFile

user32

IsWindowVisible
EnumThreadWindows
SetDlgItemTextA
EndDialog
GetDlgItem
SendMessageA
GetWindowTextLengthA
GetWindowTextA
SetTimer
GetDlgItemInt
SetDlgItemInt
CheckRadioButton
GetDlgItemTextA
DestroyAcceleratorTable
IsWindow
SetMenuInfo
GetMenuItemInfoA
CreateAcceleratorTableA
CopyAcceleratorTableA
GetParent
CallNextHookEx
KillTimer
BeginPaint
EndPaint
GetDC
ReleaseDC
LoadStringA
EnumDisplaySettingsA
CheckMenuItem
GetSubMenu
EnableMenuItem
GetMenuItemCount
DeleteMenu
AppendMenuA
GetMenuState
SetRect
FindWindowA
RegisterClassExA
LoadAcceleratorsA
LoadIconA
LoadBitmapA
CheckDlgButton
IsDlgButtonChecked
PostMessageA
ScreenToClient
TrackPopupMenu
UpdateWindow
LoadMenuA
RemoveMenu
DestroyMenu
TranslateAcceleratorA
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
SetFocus
SetMenuItemInfoA
SetWindowLongA
CreateDialogParamA
GetWindowRect
CreateWindowExA
LockWindowUpdate
UnhookWindowsHookEx
SetWindowsHookExA
EnableWindow
InvalidateRect
SetForegroundWindow
IsIconic
SetWindowTextA
GetMenuBarInfo
AdjustWindowRectEx
GetSystemMetrics
IsZoomed
SetWindowPos
DialogBoxParamA
ClientToScreen
GetClientRect
LoadCursorA
ShowCursor
MessageBoxA
PostQuitMessage
SetCursor
DefWindowProcA
DestroyWindow
GetMenu
ShowWindow
SetMenu
RegisterWindowMessageA

gdi32

Rectangle
CreateSolidBrush
SelectObject
CreatePen
DeleteObject
GetStockObject
GetTextMetricsA
TextOutA
SetTextColor
SetBkMode
SetBkColor
GetSystemPaletteEntries
GetDeviceCaps

comdlg32

FindTextA
GetOpenFileNameA
ChooseColorA

advapi32

RegDeleteValueA
RegOpenKeyExA
RegEnumValueA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA
DragQueryPoint
SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA
SHChangeNotify
DragQueryFileA

winmm

timeBeginPeriod
timeGetDevCaps
mmioDescend
mmioSetInfo
mmioSeek
mmioAdvance
timeEndPeriod
mmioCreateChunk
mmioAscend
mmioGetInfo
mmioWrite
mmioClose
mmioOpenA
timeGetTime

shlwapi

StrCmpNIA
PathFindExtensionA
SHDeleteKeyA
StrCmpNA
PathFindFileNameA

dsound

ord2
ord11

dinput8

DirectInput8Create

ddraw

DirectDrawEnumerateExA
DirectDrawCreateEx

comctl32

ImageList_Create
ImageList_Add
ord17
ImageList_Destroy

Sections

.text
Size: 384KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

63a3d0b07eddd8cd1a8b16b8e215ddde

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

winmm

shlwapi

dsound

dinput8

ddraw

comctl32

Sections

.text Size: 384KB - Virtual size: 756KB

.text1 Size: 20KB - Virtual size: 16KB

.rdata Size: 48KB - Virtual size: 302KB

.data Size: 16KB - Virtual size: 29KB

.data1 Size: 44KB - Virtual size: 42KB

.rsrc Size: 40KB - Virtual size: 37KB

.text
Size: 384KB - Virtual size: 756KB

.text1
Size: 20KB - Virtual size: 16KB

.rdata
Size: 48KB - Virtual size: 302KB

.data
Size: 16KB - Virtual size: 29KB

.data1
Size: 44KB - Virtual size: 42KB

.rsrc
Size: 40KB - Virtual size: 37KB