26ceabfe44b5b8a1dd2074d68bb96fda_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26ceabfe44b5b8a1dd2074d68bb96fda_JaffaCakes118
Size

36KB
MD5

26ceabfe44b5b8a1dd2074d68bb96fda
SHA1

fb2370fb486ea4dd3404be20291c0793112c05d6
SHA256

a039ed1673fa4d9817b5023b1b87332b28ce2ab0ccec810773eecc9805109f50
SHA512

b476024c8bdf2e12c365d9d3310bddfabdf3746f80ccadd4b34d0cf8a699ace25afb7c25da73b69e870714b588c3f9f98b0a61d6737cccda61f29d524d4ac203
SSDEEP

768:PyhduPmnLMVKG966o9QJvleMBCfnMslv:KhKTVo6o6JoMAfnMs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ceabfe44b5b8a1dd2074d68bb96fda_JaffaCakes118

Files

26ceabfe44b5b8a1dd2074d68bb96fda_JaffaCakes118
.dll windows:4 windows x86 arch:x86

296a22888cd869d892d161cf75e00614

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpynA
CloseHandle
CreateThread
lstrlenA
CreateEventA
lstrcmpiA
SetEvent
ExitThread
WaitForSingleObject
lstrcpyA
LocalFree
LocalAlloc
CreateProcessA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetCommTimeouts
GetLastError
LoadLibraryA
lstrcatA
GetSystemDirectoryA
ReadFile
GetTickCount
WriteFile
Sleep
CreateFileA
GetModuleFileNameA
GetModuleHandleA
FreeLibrary
GetSystemTime
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
RtlUnwind
GetProcAddress
GetCommTimeouts
lstrcmpA
FlushFileBuffers

user32

PostMessageA
EnumThreadWindows
wsprintfA
LoadStringA
wvsprintfA
UnhookWindowsHookEx
SetWindowsHookExA
GetWindowTextA
ShowWindow
SendMessageA
CallNextHookEx

rasapi32

RnaTerminate
RnaGetDevicePort
RnaComplete

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Exports

Exports

CBTProc
RnaSessGetErrorString
RnaSessInitialize

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHAREDD
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

296a22888cd869d892d161cf75e00614

Headers

File Characteristics

Imports

kernel32

user32

rasapi32

advapi32

version

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 5KB

.SHAREDD Size: 4KB - Virtual size: 8B

.rsrc Size: 4KB - Virtual size: 744B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 5KB

.SHAREDD
Size: 4KB - Virtual size: 8B

.rsrc
Size: 4KB - Virtual size: 744B

.reloc
Size: 4KB - Virtual size: 3KB