JaffaCakes118_26a26648b072b369ba886bcc5f172124

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_26a26648b072b369ba886bcc5f172124
Size

195KB
MD5

26a26648b072b369ba886bcc5f172124
SHA1

c80dc1729ebde0ef2de4bfad3a657ab8d64213ca
SHA256

0efdeac4aa358ae94edb273aa8f1b1c0dc1a35e7998863cd7a619db7dc2b4075
SHA512

d1d5723982cc00711709b4c4ecf964f49aa2fd93ec41b7a03b66aa8959021cc33dee81002fb330f8f0ca1283ecdd465753893f00be359cf1e5c0b3a2c5645181
SSDEEP

3072:vX7W2w361byPzWmcfHEc6+KokA4O6foLSGAiOHc9kxPsCI381cY4i5:a2a61HfkL8J6Y/qxPzI381KG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_26a26648b072b369ba886bcc5f172124

Files

JaffaCakes118_26a26648b072b369ba886bcc5f172124
.exe windows:4 windows x86 arch:x86

37d2ac183c8153a4f72cc1ee7c2c8e27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateFiberEx
FlushFileBuffers
FileTimeToSystemTime
SetEndOfFile
GetFileTime
SetCommConfig
SearchPathW
LocalAlloc
GetUserDefaultLangID
GetVolumeInformationW
GetFileType
EnumResourceNamesW
UnlockFile
IsDBCSLeadByte
CompareStringW
VerLanguageNameW
FileTimeToLocalFileTime
FlushFileBuffers
GetProfileStringW
FindResourceExA
GetVersionExW
GetSystemTime
LockFile
GetFileAttributesA
GetSystemDirectoryW

shlwapi

PathStripToRootW
PathIsRelativeW
PathIsRootW
PathCanonicalizeW
PathIsURLW
PathCombineW

user32

GetSysColorBrush
WinHelpW
IsClipboardFormatAvailable
ToAscii
UnhookWindowsHookEx
EmptyClipboard
CallNextHookEx
ClipCursor
RegisterClassW
MonitorFromWindow
DestroyIcon
SetClipboardData
SetWindowPos
SetWindowsHookExW
DestroyCursor
DrawEdge
DefWindowProcW
ChildWindowFromPoint
SetScrollRange
GetSysColor

comdlg32

GetFileTitleA

ole32

RevokeDragDrop
StgCreateDocfileOnILockBytes
OleDuplicateData
CoFreeUnusedLibraries
CoCreateGuid
GetHGlobalFromILockBytes
CoCreateInstance
CoGetMalloc
ProgIDFromCLSID
CreateStreamOnHGlobal
CoTaskMemAlloc
ReleaseStgMedium
CoGetClassObject
RegisterDragDrop
OleRegGetUserType
OleGetAutoConvert
CLSIDFromString
CLSIDFromProgID
CoTaskMemFree
StringFromCLSID
StgOpenStorageOnILockBytes
GetHGlobalFromStream
OleRun
CreateILockBytesOnHGlobal

rpcrt4

RpcBindingSetAuthInfoA
NdrClientCall
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

gdi32

GetBitmapBits
AnimatePalette
SetStretchBltMode
CreatePen
ExtCreatePen
RoundRect
GetBkColor
PolyBezier
GetPath
StrokePath
SetTextColor
PlgBlt
FlattenPath
CreateFontIndirectA
SetDIBits

comctl32

ImageList_GetIconSize
ImageList_DrawEx
ImageList_Create
ImageList_Add
ImageList_Destroy

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37d2ac183c8153a4f72cc1ee7c2c8e27

Headers

File Characteristics

Imports

kernel32

shlwapi

user32

comdlg32

ole32

rpcrt4

gdi32

comctl32

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 13KB - Virtual size: 13KB

.lib Size: 512B - Virtual size: 216KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 13KB - Virtual size: 13KB

.lib
Size: 512B - Virtual size: 216KB