26f3f574564558581860ff64d6fd3c29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26f3f574564558581860ff64d6fd3c29_JaffaCakes118
Size

1.4MB
MD5

26f3f574564558581860ff64d6fd3c29
SHA1

7d40bbefe2d531b8b76393e4521e3494ce11d896
SHA256

f7cb76f681ae93131f90058cd751ba87b4d03c61a28d143c5c044be325b4d4c8
SHA512

061115dde42f108c386bae1c679e8a8e80e909fb5cadaae7c152ae74c6bf6293976c80d0dce2f5e1939a15e76efde20e074312d8f1498cb14cde926441cd7b63
SSDEEP

24576:1n78W0LdrekyV+s5gEGfI3yyD1Lys29n6N8dZK6vuvoWrIQg7DcRdzrCU0t1:iWQrGb5gDf+DIDnJK+kJg7Ir/CTt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f3f574564558581860ff64d6fd3c29_JaffaCakes118

Files

26f3f574564558581860ff64d6fd3c29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cc29f9b6a55815526bbe3234bf46113c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

FindTextW
ChooseFontA
PrintDlgA
ChooseColorW
GetSaveFileNameA
GetSaveFileNameW
ReplaceTextW
GetFileTitleW
ReplaceTextA
GetOpenFileNameA
GetOpenFileNameW
GetFileTitleA
ChooseColorA
FindTextA
PageSetupDlgA
PageSetupDlgW

advapi32

CryptGetKeyParam
StartServiceW
LookupAccountNameW
RegOpenKeyA
RegSetKeySecurity
InitializeSecurityDescriptor
RegLoadKeyW
AbortSystemShutdownA
RegDeleteValueA
LogonUserA
CryptEnumProviderTypesW
RegSetValueW
CryptContextAddRef

wininet

InternetOpenUrlA
InternetSetDialStateA
CommitUrlCacheEntryA
InternetAlgIdToStringA
GetUrlCacheConfigInfoW

shell32

ExtractAssociatedIconA
ShellExecuteExW
FindExecutableA
CommandLineToArgvW
RealShellExecuteExW
SHChangeNotify

kernel32

HeapSize
CreateEventA
LocalAlloc
VirtualAlloc
IsDebuggerPresent
GetCommandLineA
GetModuleFileNameA
EnumSystemLocalesA
GetStdHandle
GetVersionExA
LoadLibraryA
TlsAlloc
TerminateProcess
FreeEnvironmentStringsW
MultiByteToWideChar
GetACP
RtlUnwind
DeleteCriticalSection
SetConsoleCtrlHandler
HeapReAlloc
SetLastError
GetSystemTimeAsFileTime
GetModuleHandleA
TlsSetValue
GetStringTypeW
CompareStringA
ExitProcess
GetCPInfo
TlsGetValue
TlsFree
Sleep
WideCharToMultiByte
EnumDateFormatsExW
GetDateFormatA
VirtualQuery
GlobalCompact
HeapCreate
LCMapStringA
IsValidCodePage
GetCurrentThreadId
GetTimeZoneInformation
InterlockedIncrement
SetEnvironmentVariableA
HeapValidate
GetLastError
GetEnvironmentStrings
GetEnvironmentStringsW
CompareStringW
InterlockedExchange
HeapDestroy
UnhandledExceptionFilter
LCMapStringW
GetProcAddress
EnterCriticalSection
FreeEnvironmentStringsA
QueryPerformanceCounter
GetStringTypeA
HeapAlloc
SetHandleCount
VirtualFree
LeaveCriticalSection
GetProcessHeap
GetCurrentProcess
InitializeCriticalSection
GetTickCount
GetCurrentThread
FreeLibrary
HeapFree
GetUserDefaultLCID
GetLocaleInfoA
SetUnhandledExceptionFilter
GetTimeFormatA
IsValidLocale
GetOEMCP
GetStartupInfoA
WriteConsoleInputA
GetThreadLocale
GetLocaleInfoW
GetFileType
InterlockedDecrement
GetCurrentProcessId
WriteFile

gdi32

PaintRgn
GetRandomRgn
CreateHalftonePalette
ExtFloodFill
GetGraphicsMode
GetTextCharset

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc29f9b6a55815526bbe3234bf46113c

Headers

File Characteristics

Imports

comdlg32

advapi32

wininet

shell32

kernel32

gdi32

Sections

.text Size: 112KB - Virtual size: 111KB

.data Size: 1.3MB - Virtual size: 1.3MB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 112KB - Virtual size: 111KB

.data
Size: 1.3MB - Virtual size: 1.3MB

.rsrc
Size: 14KB - Virtual size: 14KB