26e400fa94f788303c994df64f75a07d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26e400fa94f788303c994df64f75a07d_JaffaCakes118
Size

262KB
MD5

26e400fa94f788303c994df64f75a07d
SHA1

a3ff318793498c92c53a460577d4afe26b6a8146
SHA256

d0f617b5d1c19d5fd4e9eb8344bd237a519ad85ddee4ab71ebc48243b109c604
SHA512

98e0f2fa0031331fdf4a28b04fd7b6a254c34bc13de7c3b89e553dd4b4da54e45fb8fe56e64f90b7f83b78672d86d9cedb4f5881d1f51d4ab4a5a04e27a4f708
SSDEEP

6144:8ZfrnpNAgXuZTtD6uzhVaeco8pq21L0dEsEVA8pAdCHTo:8ZfrXiBDCW21GtUpAdGs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e400fa94f788303c994df64f75a07d_JaffaCakes118

Files

26e400fa94f788303c994df64f75a07d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

6e0181896869256889716d34b847322b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ConnectNamedPipe
EnumResourceTypesA
EnumSystemCodePagesA
EscapeCommFunction
ExitProcess
ExitThread
FindFirstFileExW
FindNextFileW
GetCommMask
GetCommState
GetConsoleAliasesA
GetCurrencyFormatW
GetCurrentConsoleFont
GetDevicePowerState
GetDiskFreeSpaceExA
GetFileSize
GetModuleFileNameA
GetNumberOfConsoleFonts
GetPrivateProfileStructW
GetTapeStatus
GetVolumeInformationA
GlobalSize
GlobalUnfix
IsBadWritePtr
LoadLibraryA
MoveFileWithProgressW
QueryPerformanceCounter
RtlZeroMemory
SetConsoleScreenBufferSize
SetConsoleTextAttribute
SetErrorMode
SetLastError
SetNamedPipeHandleState
SetVDMCurrentDirectories
SetWaitableTimer
Sleep
TlsGetValue
VDMConsoleOperation
VirtualProtect
WaitForMultipleObjects
WriteConsoleOutputW
WriteFileEx
_hread
_lclose
_lwrite
lstrcmpA
lstrcmpiA

user32

AttachThreadInput
CharUpperBuffA
CheckDlgButton
CheckRadioButton
CreateAcceleratorTableA
DdeSetUserHandle
DefWindowProcA
DestroyWindow
EditWndProc
EnumDesktopsA
FillRect
GetAltTabInfoA
GetClassWord
GetMenuInfo
GetMenuState
GetScrollRange
GetTitleBarInfo
InsertMenuW
LoadIconA
MessageBeep
MessageBoxIndirectA
ModifyMenuW
OpenClipboard
ReleaseCapture
SendMessageTimeoutW
SetMessageQueue
SetProcessWindowStation
SetWindowContextHelpId
SetWindowLongA
SwapMouseButton
ToUnicode
TranslateAcceleratorA
wvsprintfA

gdi32

CreateDIBPatternBrush
CreateHalftonePalette
DeleteEnhMetaFile
EnumICMProfilesW
ExtCreateRegion
FillPath
GdiComment
GetBitmapBits
GetClipRgn
GetMiterLimit
GetPath
GetPixel
GetPixelFormat
GetRandomRgn
GetTextFaceA
GetTextFaceW
GetWindowExtEx
SelectBrushLocal
SelectFontLocal
SetDeviceGammaRamp
SetICMProfileA
SetMetaRgn
StartPage

comctl32

DrawStatusTextA
FlatSB_EnableScrollBar
FlatSB_SetScrollPos
ImageList_Draw
ImageList_GetImageCount
ImageList_Remove
ImageList_ReplaceIcon
InitializeFlatSB

shell32

DragAcceptFiles
SHFileOperationA

advapi32

BuildTrusteeWithNameA
ChangeServiceConfigW
ControlService
ConvertAccessToSecurityDescriptorA
CreateServiceA
ElfBackupEventLogFileW
ElfOpenEventLogA
EnumDependentServicesA
LsaLookupPrivilegeValue
OpenServiceA
RegLoadKeyA
RegisterEventSourceA
ReportEventA
SetSecurityDescriptorGroup

msvcrt

_c_exit
_dup2
_execl
_execlpe
_fcloseall
_fgetwchar
_getdcwd
_heapadd
_spawnle
_spawnvp
_unloaddll
_wopen
fmod
rand
wcscmp
wcstol
wcsxfrm

Exports

Exports

FdWeCefmkc
KTzwbvPWhPvxhxjcHU
Myzioiuc
QxFtVaiZqVxg
SBOyyrpap
UjiujupeocT
WikdfpBsfHw

Sections

.text
Size: 6KB - Virtual size: 661KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 248KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 206B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e0181896869256889716d34b847322b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

shell32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 6KB - Virtual size: 661KB

.data Size: 248KB - Virtual size: 256KB

.edata Size: 512B - Virtual size: 206B

.rdata Size: 2KB - Virtual size: 7KB

BSS Size: 2KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 796B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 661KB

.data
Size: 248KB - Virtual size: 256KB

.edata
Size: 512B - Virtual size: 206B

.rdata
Size: 2KB - Virtual size: 7KB

BSS
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 796B

.reloc
Size: 1KB - Virtual size: 1KB