26e47c79fa804a73cde5298538b88b7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

26e47c79fa804a73cde5298538b88b7e_JaffaCakes118
Size

189KB
MD5

26e47c79fa804a73cde5298538b88b7e
SHA1

891143334fa27ec2afbc36e6a9fc73367f7cf1cc
SHA256

4570083d99c222a1049cf45101974b44fe852840a8a77a0fa617501f4f2202a5
SHA512

2876c297614ed92c5b57917a7891ecfa2f287234d47d9d520ac1bca56e80486ff299c526be36c8d2f6ac7c7746ce7c0cb2914b324fc5e5ae298779a23fcc60be
SSDEEP

3072:ELSd073soI2pTWwto4fyksQRqdNgT2jcF4h6QHlrInRSO3c37BfDQ+KIcTl7js/y:km073BIyK2ygqcF4MQHmRSO3UBsdFjsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e47c79fa804a73cde5298538b88b7e_JaffaCakes118

Files

26e47c79fa804a73cde5298538b88b7e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f01cc19f147c96d9faca4614e06699be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

ChooseColorA
GetSaveFileNameA

version

GetFileVersionInfoA
VerFindFileA
GetFileVersionInfoSizeA

oleaut32

SafeArrayGetElement
SafeArrayPtrOfIndex
VariantCopyInd
VariantChangeType
SysStringLen
OleLoadPicture
SafeArrayUnaccessData
GetErrorInfo
SysReAllocStringLen
SysAllocStringLen

comctl32

ImageList_Remove

shlwapi

SHDeleteValueA
SHGetValueA
PathIsDirectoryA
SHQueryInfoKeyA
PathFileExistsA
SHDeleteKeyA
SHEnumValueA
SHSetValueA

kernel32

ExitThread
LocalAlloc
GetLocalTime
GetVersionExA
LoadLibraryExA
SetEvent
SetThreadLocale
GetDiskFreeSpaceA
lstrlenA
ExitProcess
CreateThread
GlobalAlloc
GlobalFindAtomA
GetStartupInfoA
HeapAlloc
WideCharToMultiByte
lstrcpyA
LocalFree
GetCommandLineA
GetCurrentThread
HeapFree
GlobalAddAtomA
LocalReAlloc
FindClose
WaitForSingleObject
GetStringTypeA
HeapDestroy
GetACP
SetEndOfFile
GetLocaleInfoA
VirtualQuery
GetDateFormatA
GetCPInfo
lstrcmpiA
lstrcatA
VirtualAllocEx
SetLastError
GetModuleHandleA
GetProcessHeap
EnumCalendarInfoA
GetFileSize
LockResource
GetCurrentThreadId
GetFileType
GetStringTypeW
SetFilePointer
GlobalDeleteAtom
GetFullPathNameA
LoadLibraryA
MulDiv
WriteFile
Sleep
CreateFileA
GetOEMCP
lstrcpynA
VirtualAlloc
FreeLibrary
SetErrorMode
FindFirstFileA
EnterCriticalSection
DeleteFileA
GetCurrentProcessId
GetLastError
ResetEvent
SetHandleCount

msvcrt

atan
memmove
strncmp
memcpy
calloc

user32

IsWindowVisible
GetMenuStringA
FrameRect
GetActiveWindow
SetWindowPos
SetTimer
GetMessagePos
GetSysColorBrush
GetMenuState
DrawFrameControl
SetWindowLongA
GetPropA
GetSubMenu
CharNextA
GetMenuItemInfoA
GetSysColor
GetCursor
GetMenuItemID
GetScrollRange
GetWindowTextA
DeferWindowPos
GetScrollInfo
BeginDeferWindowPos
FillRect
GetWindow
HideCaret
GetParent
DrawIconEx
GetFocus
GetScrollPos
IsChild

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f01cc19f147c96d9faca4614e06699be

Headers

File Characteristics

Imports

comdlg32

version

oleaut32

comctl32

shlwapi

kernel32

msvcrt

user32

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 149KB - Virtual size: 148KB

.rdata Size: 512B - Virtual size: 124KB

.init Size: 512B - Virtual size: 240B

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 149KB - Virtual size: 148KB

.rdata
Size: 512B - Virtual size: 124KB

.init
Size: 512B - Virtual size: 240B

.reloc
Size: 1KB - Virtual size: 1KB