26721ec1bbae64a6c10bf4b2afc5c5d2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26721ec1bbae64a6c10bf4b2afc5c5d2_JaffaCakes118
Size

193KB
MD5

26721ec1bbae64a6c10bf4b2afc5c5d2
SHA1

00530705eba9bc7d66f8a71de6bfad0774daa707
SHA256

f80bf437f034db5fa67ed201813755d174037dfe870343f0f2807266a3110aac
SHA512

7fa5773be159375b8fe26d6c0d8460aeb11b68abbd9b8f4693b792619852bad232c2b8597d8167c688a421a0dfc8c9e1dc7938f1ff4435eb78c37766d89b6064
SSDEEP

3072:5n7VsgC36D4X2RwUj1OAXGzNKfcg0yaaHSotQ3ewdlfCkAEjafq:dZs1368XWwKOA24fE/IFQ3hl3jaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26721ec1bbae64a6c10bf4b2afc5c5d2_JaffaCakes118

Files

26721ec1bbae64a6c10bf4b2afc5c5d2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1999a4fd8962d4d94ff816214e06e06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

gdi32

GetTextColor
GetCurrentPositionEx
GetBkMode
GetClipBox
CreateDIBSection

user32

GetKeyboardLayoutList
GetKeyNameTextA
WaitMessage
EndPaint
SetActiveWindow
GetDesktopWindow
RegisterClassA
ReleaseCapture
CallNextHookEx
GetScrollRange
ChildWindowFromPoint
CreateMenu
ShowOwnedPopups
GetWindowPlacement
LoadBitmapA
SetMenuItemInfoA
UnhookWindowsHookEx
GetSystemMetrics
GetDCEx
RegisterWindowMessageA
RedrawWindow
EqualRect
LoadStringA
SetWindowTextA
GetCapture
SetPropA
IsDialogMessageW
DefWindowProcA
GetLastActivePopup
MoveWindow
EnumWindows
GetSystemMenu
DestroyIcon
LoadKeyboardLayoutA
GetWindowThreadProcessId
GetSysColor
RegisterClipboardFormatA
EnableScrollBar

shell32

DragQueryFileA

shlwapi

PathIsDirectoryA
SHGetValueA
SHQueryValueExA
SHStrDupA

kernel32

GlobalAddAtomA
GetVersionExA
GlobalDeleteAtom
GlobalAlloc
GlobalFindAtomA
VirtualAlloc

Exports

Exports

_nFC9bJ_kx7UOkH
5ulE6Z2swH@4
kSz45Gx71RL

Sections

.text
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 155KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1999a4fd8962d4d94ff816214e06e06

Headers

File Characteristics

Imports

gdi32

user32

shell32

shlwapi

kernel32

Exports

Exports

Sections

.text Size: 10KB - Virtual size: 12KB

.data Size: 155KB - Virtual size: 156KB

.tls Size: 2KB - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 124KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 20KB - Virtual size: 24KB

.text
Size: 10KB - Virtual size: 12KB

.data
Size: 155KB - Virtual size: 156KB

.tls
Size: 2KB - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 124KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 20KB - Virtual size: 24KB