26120ed7c59be9b4fd28cbedbb3cbc77_JaffaCakes118

General

Target

26120ed7c59be9b4fd28cbedbb3cbc77_JaffaCakes118
Size

118KB
MD5

26120ed7c59be9b4fd28cbedbb3cbc77
SHA1

be4d73791cd27ded40746256449bfc7c080f0dac
SHA256

acb2f1c4cac0238e77105100841ca994f8899e5e29dc0b75d21725bd4f35fe4d
SHA512

b7117af32e65fc97d304124f3b9efe650bdcc9d9e76e229d87fac6994a63f6afba275464ea7006a1948108f44251c7a12f3e28e7aa8fda1a2b394dc5b131d413
SSDEEP

1536:a+FYiVG5fDkOwcY1FyibtxNgTMr6zVcMyc8VvEc0RfJ/h9lsJor0S0apSDmNp3y7:PA5rkOChbGPStcjRh/hDsJor3jSDycJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26120ed7c59be9b4fd28cbedbb3cbc77_JaffaCakes118

Files

26120ed7c59be9b4fd28cbedbb3cbc77_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c176cfd3d3e3b833a61f68faa8f0182d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetDiskFreeSpaceA
WideCharToMultiByte
TlsSetValue
SetEndOfFile
UnhandledExceptionFilter
GetCurrentProcessId
ExitProcess
HeapFree
GetExitCodeProcess
LoadLibraryA
GetTickCount
UnmapViewOfFile
FreeEnvironmentStringsW
VirtualQuery
FreeLibrary
QueryPerformanceCounter
IsValidCodePage
SetEvent
HeapCreate
SetUnhandledExceptionFilter
LocalAlloc
HeapReAlloc
GetProcAddress
lstrcpynA
FlushInstructionCache

user32

ShowWindow
EndDialog
DefWindowProcW
SetDlgItemTextA
IsChild
RegisterClassW
GetCursorPos
SetForegroundWindow
LoadMenuW
PostQuitMessage
InvalidateRect
PostMessageA
InflateRect

advapi32

RegCreateKeyExA
RegEnumKeyExW
RegSetValueExW
RegDeleteValueA
RegDeleteValueW

gdi32

Escape
SetBkColor

msvcrt

_CxxThrowException
_wtoi
_adjust_fdiv
__CxxFrameHandler
memset
memcpy

ole32

CoUninitialize
CLSIDFromString
CoInitialize

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c176cfd3d3e3b833a61f68faa8f0182d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcrt

ole32

Sections

.text Size: 50KB - Virtual size: 50KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 25KB - Virtual size: 244KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 50KB - Virtual size: 50KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 25KB - Virtual size: 244KB

.rsrc
Size: 3KB - Virtual size: 2KB