26473859f4bc1dd9518f349f5b5709a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26473859f4bc1dd9518f349f5b5709a8_JaffaCakes118
Size

546KB
MD5

26473859f4bc1dd9518f349f5b5709a8
SHA1

6f90c155dd263ac2e884176220ffee42e2d3eabd
SHA256

eecb54fc1347d8af4e1dcd7c207f0bcf2b02814e9e44515e5ba738461f008114
SHA512

9acc0409adabb2ba36604c378717d3c877c03429955c1b8cd5fc2d0d0dd0976972e96f50c8f2acdbf74395c000bbaaf2e1a756e4d38d080608fa1ef200c920fb
SSDEEP

12288:iLUk7dJkcEsYjEAwx9yJoJ8ln18mRex+SbnqENk4d:iLUAvEhdwaJoJ8R1zYqENk4d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26473859f4bc1dd9518f349f5b5709a8_JaffaCakes118

Files

26473859f4bc1dd9518f349f5b5709a8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

08de5920626e7a7a3fa8735f96304507

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SaveDC
SetTextAlign
SetWindowExtEx
RestoreDC
StretchBlt
TextOutA
Rectangle
GetDeviceCaps
DeleteMetaFile
DeleteDC
CreateRectRgnIndirect
CreateMetaFileA
CreateCompatibleDC
SetWindowOrgEx
CloseMetaFile

user32

PtInRect
OffsetRect
LoadCursorA
IsWindow
IsChild
RegisterClassExA
IntersectRect
GetWindowLongA
GetParent
GetKeyState
GetFocus
GetDC
ReleaseDC
SetFocus
SetWindowLongA
SetWindowPos
SetWindowRgn
ShowWindow
UnionRect
UnregisterClassA
EndPaint
DestroyWindow
DefWindowProcA
CreateWindowExA
CharNextA
CallWindowProcA
BeginPaint
InvalidateRect
GetClassInfoExA
EqualRect
GetClientRect

ole32

CoTaskMemFree
CreateOleAdviseHolder
OleSaveToStream
WriteClassStm
CoTaskMemAlloc
CoCreateInstance

kernel32

HeapCreate
lstrlenW
lstrlenA
lstrcmpiA
WriteFile
WideCharToMultiByte
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
Sleep
SizeofResource
SetLastError
SetHandleCount
RtlUnwind
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
MulDiv
LoadResource
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FlushInstructionCache
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
IsProcessorFeaturePresent
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalAlloc
GlobalLock
GlobalUnlock
HeapAlloc
GetStartupInfoA
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsDebuggerPresent

oleaut32

VariantClear
VariantChangeType
SysStringLen
SysStringByteLen
SysFreeString
SysAllocStringLen
SysAllocStringByteLen
SysAllocString
SafeArrayUnaccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayAccessData
RegisterTypeLi
OleCreatePropertyFrame
LoadTypeLi
LoadRegTypeLi
VariantInit

advapi32

RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegOpenKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegCloseKey

Exports

Exports

GeneratorExit
GetRestricted
Int_Fini
ReadObjectFromFile
ReadShortFromFile

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08de5920626e7a7a3fa8735f96304507

Headers

File Characteristics

Imports

gdi32

user32

ole32

kernel32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 119KB - Virtual size: 119KB

.rdata Size: 295KB - Virtual size: 294KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 18KB - Virtual size: 17KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 119KB - Virtual size: 119KB

.rdata
Size: 295KB - Virtual size: 294KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 18KB - Virtual size: 17KB

.reloc
Size: 5KB - Virtual size: 5KB