26b603843e393002c45ae053b5086075_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26b603843e393002c45ae053b5086075_JaffaCakes118
Size

367KB
MD5

26b603843e393002c45ae053b5086075
SHA1

a46ebdce5d0e13b7d0726838f43cfb4393f59fbe
SHA256

42cd767c67604a77406bda26b7438b5b9c25a0babe16544b36de124ae03f4351
SHA512

2032204357e3950cb518b8b79d1511cc9f77030b857418119a63d7913b1120ac00c3b13b738c88261435bd449dad20a85bbdc81bcfd3f346946c9bbb7227d816
SSDEEP

6144:CdRomE8+Vd059avdgdCgMT2TyNQtpIdOsuaokucgLdOF/npkPstsy5:m37dloQtp+Oraok5g8F/pkECM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26b603843e393002c45ae053b5086075_JaffaCakes118

Files

26b603843e393002c45ae053b5086075_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d381bf1619afa6a23a24a970b1b5f19d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegOpenKeyExA
RegOpenKeyA
RegFlushKey
RegLoadKeyW
RegEnumKeyExA
RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyW
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyW
RegQueryValueExA
RegCreateKeyExW
RegCreateKeyW
RegDeleteValueW
RegCreateKeyExA
RegDeleteKeyW
RegFlushKey
RegCloseKey
RegReplaceKeyW
RegCreateKeyW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegEnumKeyExW
RegGetKeySecurity
RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA

user32

GetFocus
IsWindow
DialogBoxParamA
CloseWindow
GetDlgItem
InsertMenuA
CreateIcon
CopyImage
DrawIconEx
DrawIcon
CopyRect
GetWindowTextLengthA
GetMenu
CalcMenuBar
LoadCursorA
BlockInput
GetWindow
GetCursor
DrawTextA
InsertMenuA
CloseWindow
DrawIcon
GetDlgItem
CopyIcon
CopyImage
AlignRects
DialogBoxParamW
GetCursor
GetWindowTextLengthA
AppendMenuW
DrawTextA
AlignRects
CalcMenuBar
CopyImage
AppendMenuA
DrawTextW
GetMenu
IsWindow
GetWindowTextLengthA
DrawIconEx
DialogBoxParamA
GetWindow
GetCursor
AppendMenuA
LoadCursorA
CopyRect
GetFocus
GetMenu
CopyImage
GetWindowTextA
AlignRects

comctl32

ImageList_DragLeave
InitCommonControls
ImageList_ReplaceIcon
ImageList_DrawEx
ImageList_LoadImage
ImageList_DragMove
ImageList_GetIconSize
ImageList_Create
ImageList_Write
ImageList_GetIcon

kernel32

DeleteFileA
OpenFileMappingA
GetConsoleMode
GlobalFree
OpenFile
CopyFileExA
CopyFileA
DeleteFileW
CreateProcessA
FindFirstFileA
Sleep
CopyFileW
DeleteAtom
GetConsoleMode
GetFileTime
DeleteAtom
CopyFileW
ReadConsoleA
Sleep
GetStdHandle
ExitThread
CopyFileExW
ReadConsoleW
CreateProcessA
CreateDirectoryA
DeleteFileA
FindFirstFileA
GetFileSize
GetLastError
CopyFileA
WriteFile

Sections

DATA
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 348KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.b8381
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 871B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 236KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d381bf1619afa6a23a24a970b1b5f19d

Headers

File Characteristics

Imports

advapi32

user32

comctl32

kernel32

Sections

DATA Size: 12KB - Virtual size: 11KB

.rdata Size: - Virtual size: 1KB

.data Size: - Virtual size: 694B

.bss Size: 348KB - Virtual size: 348KB

.b8381 Size: 3KB - Virtual size: 3KB

.edata Size: 1024B - Virtual size: 871B

.rsrc Size: 512B - Virtual size: 236KB

DATA
Size: 12KB - Virtual size: 11KB

.rdata
Size: - Virtual size: 1KB

.data
Size: - Virtual size: 694B

.bss
Size: 348KB - Virtual size: 348KB

.b8381
Size: 3KB - Virtual size: 3KB

.edata
Size: 1024B - Virtual size: 871B

.rsrc
Size: 512B - Virtual size: 236KB