26078ae924d92b814d899175bce08b5c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26078ae924d92b814d899175bce08b5c_JaffaCakes118
Size

359KB
MD5

26078ae924d92b814d899175bce08b5c
SHA1

4c4a3a59898e946bf7bb3889ff70f97c1f7e1cdc
SHA256

cd19d05f3bbf5ef61e5235f42b454d5eb1043b5ca982db4106857fcf1fccafa1
SHA512

4de58f4b83d0fd33cd117bb2db7e7e48dc2c8dfd77824dccfba65c1670874251f3ed6443db08853b6913162bf681c575c33bdcaaa8e48afbc8aa552c82130069
SSDEEP

6144:xnhg9xr8hUnTkTkONGbfNG975DN+mTk6E+mNk6Ued9PcrpHFOA3t03GTqwV74M:EnTkTkged9PeFrt2GTzV4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26078ae924d92b814d899175bce08b5c_JaffaCakes118

Files

26078ae924d92b814d899175bce08b5c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

abebd82e82ea17906ab4966ea7c94719

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
DisableThreadLibraryCalls
InterlockedExchange
Sleep
InterlockedCompareExchange
LockResource
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
FreeLibrary
GetEnvironmentVariableA
FindResourceA
CompareFileTime
lstrcmpA
LeaveCriticalSection
EnterCriticalSection
SetLastError
GetLastError
LocalReAlloc
lstrlenW
OutputDebugStringA
ExitThread
MultiByteToWideChar
lstrlenA
LoadResource
CloseHandle
VirtualProtect
SizeofResource
GetStringTypeExW
LocalAlloc
LocalFree
InterlockedIncrement
InterlockedDecrement
lstrcpyA

advapi32

RegSetValueExW
RegQueryValueExA
SetThreadToken
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegDeleteValueW

msvcrt

free
_XcptFilter
_ltoa
_vsnprintf
_initterm
__dllonexit
_onexit
malloc
_amsg_exit
_adjust_fdiv
memset
_except_handler3
time
localtime
difftime
clock
ctime
atol
asctime

msvcp60

??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

Sections

.text
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abebd82e82ea17906ab4966ea7c94719

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

msvcp60

Sections

.text Size: 253KB - Virtual size: 253KB

.rdata Size: 35KB - Virtual size: 34KB

.data Size: 3KB - Virtual size: 39KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 54KB - Virtual size: 54KB

.text
Size: 253KB - Virtual size: 253KB

.rdata
Size: 35KB - Virtual size: 34KB

.data
Size: 3KB - Virtual size: 39KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 54KB - Virtual size: 54KB