26f736919ae68489bf0eb4227e8ce50c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26f736919ae68489bf0eb4227e8ce50c_JaffaCakes118
Size

280KB
MD5

26f736919ae68489bf0eb4227e8ce50c
SHA1

bae80513e23a411634a12aa7ee54fdeb77a90c0a
SHA256

1a1a01a08e9688db97030875fcbb4c479afe9ada1d6c693b0df4b2baf9c94c24
SHA512

1181f3945d5a2456f45b062ab0ce0baf1e6fcfc6c7a8d9be3b0123386c9709c300ac59e0e9d34689ea751ea5638197ed1dc79014c4f4c0dfc38807ad7c7d0bce
SSDEEP

6144:Zn676nmyYD7DIEc8j10npj0EN6sso+pV:V676nmyYD7EKaN4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f736919ae68489bf0eb4227e8ce50c_JaffaCakes118

Files

26f736919ae68489bf0eb4227e8ce50c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fe37c8e151dad1e7d02c7d5d8cda1bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

RegisterTypeLi

gdi32

GetCurrentObject
GetWinMetaFileBits
StartDocW
AddFontResourceExW
CreateMetaFileW
DeleteEnhMetaFile
DeleteMetaFile
GetCharWidthA
GetMapMode
FrameRgn
ExtTextOutW
GetEnhMetaFileHeader
PtInRegion
ExtCreateRegion
Polygon
SetMapperFlags
GetTextColor
CreateICW
CreateRectRgnIndirect
AnimatePalette
FillRgn
GetTextExtentPointW
SelectObject
GetBitmapBits

kernel32

FreeEnvironmentStringsA
CreateFileW
GetCurrentDirectoryA
GetStartupInfoW
FindFirstFileA
lstrcatA
HeapFree
CreateEventW
GetComputerNameW
GetConsoleOutputCP
GetVolumeInformationW
ExpandEnvironmentStringsW
SystemTimeToTzSpecificLocalTime
GetCurrentThread
GetProcessHeap
SetWaitableTimer
GetPrivateProfileIntW
GetCommandLineA
GetQueuedCompletionStatus
GetDateFormatW
LeaveCriticalSection
GetEnvironmentStringsW
GetEnvironmentVariableW
TerminateThread
SetUnhandledExceptionFilter
GlobalAddAtomW
FlushFileBuffers
GetCurrentThreadId
InterlockedCompareExchange
LocalFileTimeToFileTime
DeleteCriticalSection
GetLocalTime
GetTimeFormatA
SetThreadLocale
VirtualQuery
GetSystemDefaultLCID
GetFileAttributesExW
EnumResourceNamesW
lstrcpynA
FormatMessageW
CreateDirectoryA
LCMapStringA
LocalReAlloc
OpenFile
GetNumberFormatW
GetTempPathA
GetDiskFreeSpaceExW
QueryPerformanceFrequency
WaitForMultipleObjects
GetModuleHandleW
CompareStringW
FreeResource
GetEnvironmentVariableA
WritePrivateProfileSectionA
IsDBCSLeadByte
SetFilePointer
GetCommandLineW
GetEnvironmentStrings
GetSystemTime
OpenEventW
OpenProcess
WriteConsoleA
GlobalReAlloc
WriteFile
GetDiskFreeSpaceW
CopyFileA
GetVersionExW
GlobalUnlock
OpenFileMappingA
TlsSetValue
_lread
CreateNamedPipeA
HeapCreate
CompareStringA
QueryDosDeviceA
IsValidLocale
GetLastError
FileTimeToLocalFileTime
LoadLibraryW
MoveFileA
TlsGetValue
FlushInstructionCache
GetFileSize
CreateSemaphoreW
GetVolumeInformationA
GetOverlappedResult
GetUserDefaultLangID
CopyFileW
LockResource
CreateTimerQueueTimer
FreeEnvironmentStringsW
MoveFileExW
OpenEventA
SetHandleCount
GetTimeZoneInformation
GetStringTypeW
GlobalAddAtomA
ConvertDefaultLocale
SetFilePointerEx
GetStartupInfoA
FindResourceW
GetFileAttributesW
CreateDirectoryW
CreateMutexA
GetLogicalDriveStringsW
VirtualAlloc
SystemTimeToFileTime
WinExec
GetModuleHandleA

user32

MapWindowPoints
GetActiveWindow
ReplyMessage
RedrawWindow
SendMessageW
ShowCaret
CharPrevW
DdeCreateDataHandle
AdjustWindowRectEx
GetClassInfoA
GetClientRect
GetSysColorBrush
GetDialogBaseUnits
MessageBoxIndirectW
FillRect
SetMenuItemBitmaps
InvertRect
ModifyMenuW
DialogBoxIndirectParamA
SetScrollInfo
BringWindowToTop
GetDlgItemTextW
SetClipboardData
MessageBoxW
PeekMessageA
GetDlgItemTextA
DrawMenuBar
GetDlgCtrlID
TabbedTextOutA
RegisterClassA
SetWindowsHookExA
GetClipboardFormatNameA
DrawFocusRect
OpenClipboard
DdeConnect
LoadKeyboardLayoutA
GetKeyState
SetCapture
GetMenuItemID
GetSysColor
RegisterClipboardFormatA
SetTimer
DefFrameProcA
GetWindowPlacement
SetRectEmpty
ShowCursor
CreateDialogParamW
LoadIconA
CopyImage
LoadMenuW
DispatchMessageA
SetActiveWindow
GetMenuItemCount
SetWindowPos
SetWindowLongA
CopyRect
IsWindow
GetWindowRect
ClientToScreen
CharNextA
IsClipboardFormatAvailable

ole32

CoSuspendClassObjects
CoRevokeClassObject
CoGetClassObject
CoResumeClassObjects
CLSIDFromProgID
SetConvertStg

winspool.drv

DeletePrinterDriverA

advapi32

RegQueryValueW
GetTokenInformation
LookupPrivilegeValueW
CryptDestroyHash
AddAccessAllowedAce
OpenServiceW
RegCreateKeyW
AllocateAndInitializeSid
GetUserNameA
RegQueryValueA
CheckTokenMembership
CreateProcessAsUserW
GetSecurityDescriptorControl
DeregisterEventSource
RegCreateKeyExA
AddAce
RegOpenKeyW
StartServiceCtrlDispatcherW
DuplicateTokenEx

version

GetFileVersionInfoA

msvcrt

atoi
_c_exit
_setmbcp
sprintf
floor
wcsncmp
isdigit
_strlwr
_errno
wcspbrk
ceil
wcschr
_wtol
_wtoi
strrchr
isspace
_expand
atof
free
fclose
swprintf
bsearch
atol
rand
time
memmove
exit
strchr
fread
_wcsupr
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
calloc

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0fe37c8e151dad1e7d02c7d5d8cda1bb

Headers

File Characteristics

Imports

oleaut32

gdi32

kernel32

user32

ole32

winspool.drv

advapi32

version

msvcrt

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 68KB - Virtual size: 65KB

.data Size: 12KB - Virtual size: 10KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 68KB - Virtual size: 65KB

.data
Size: 12KB - Virtual size: 10KB