26a481832592d364f722155e24db5f7e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

26a481832592d364f722155e24db5f7e_JaffaCakes118
Size

113KB
MD5

26a481832592d364f722155e24db5f7e
SHA1

2da5cf210e4195b5b9af54dee1f94039220ccc13
SHA256

613e5542dc249cc1b1747dc0f636509400faad42ceb2fb1304d71fbca08f738d
SHA512

89fc2d0a94328c482c2cbf4eb1e0b4e2a739559e0c39bbbeaf7fb1295a2a806fb849174ebb1b235759f32713ce8101542f014042486a67d919cd08cbb7fb73e6
SSDEEP

1536:0b5X6hgw0xd89OIjVjIiRWdlHicf/yHpmL+Isy3Zqr:6qhgw0xdPIeiolHiciJmLd3Zqr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26a481832592d364f722155e24db5f7e_JaffaCakes118

Files

26a481832592d364f722155e24db5f7e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2d0f5f202aaefcaab5b32b7a269acb47

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAllocEx

user32

LoadCursorW
wsprintfA
UnregisterClassA
TranslateMessage
ShowWindow
SetWindowTextA
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextA
SendMessageA
SendDlgItemMessageA
ScreenToClient
ReleaseDC
RegisterClassA
PostQuitMessage
LoadStringA
LoadImageA
LoadIconA
LoadCursorA
LoadBitmapA
KillTimer
IsDialogMessageA
GetWindowTextA
GetWindowRect
GetMessageA
GetDlgItem
GetDC
DispatchMessageA
DestroyWindow
DestroyIcon
DefWindowProcA
CreateDialogParamA

gdi32

GetDeviceCaps
CreateDCW
TextOutW
StartPage
StartDocW
SetWindowExtEx
SetViewportExtEx
SetMapMode
SetBkMode
SetAbortProc
SelectObject
LPtoDP
GetTextMetricsW
GetTextFaceW
GetTextExtentPoint32W
GetStockObject
GetObjectW
CreateFontIndirectW
EnumFontsW
EndPage
EndDoc
DeleteObject
DeleteDC
AbortDoc

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegCloseKey
RegOpenKeyExW
RegDeleteKeyW

msvcrt

_XcptFilter
__getmainargs
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_acmdln
_adjust_fdiv
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_initterm
_stricmp
exit
swprintf
vswprintf
wcslen

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata16
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata15
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata14
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata13
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata12
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata11
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata10
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata9
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata8
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata7
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata6
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 950B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d0f5f202aaefcaab5b32b7a269acb47

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

msvcrt

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 78KB - Virtual size: 77KB

.data Size: 512B - Virtual size: 156B

.rdata16 Size: 1024B - Virtual size: 1000B

.rdata15 Size: 1024B - Virtual size: 1000B

.rdata14 Size: 1024B - Virtual size: 1000B

.rdata13 Size: 1024B - Virtual size: 1000B

.rdata12 Size: 1024B - Virtual size: 1000B

.rdata11 Size: 1024B - Virtual size: 1000B

.rdata10 Size: 1024B - Virtual size: 1000B

.rdata9 Size: 1024B - Virtual size: 1000B

.rdata8 Size: 1024B - Virtual size: 1000B

.rdata7 Size: 1024B - Virtual size: 1000B

.rdata6 Size: 1024B - Virtual size: 1000B

.rdata5 Size: 1024B - Virtual size: 1000B

.rdata4 Size: 1024B - Virtual size: 1000B

.rdata3 Size: 1024B - Virtual size: 1000B

.rdata2 Size: 1024B - Virtual size: 1000B

.rsrc Size: 1024B - Virtual size: 816B

.reloc Size: 1024B - Virtual size: 950B

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 78KB - Virtual size: 77KB

.data
Size: 512B - Virtual size: 156B

.rdata16
Size: 1024B - Virtual size: 1000B

.rdata15
Size: 1024B - Virtual size: 1000B

.rdata14
Size: 1024B - Virtual size: 1000B

.rdata13
Size: 1024B - Virtual size: 1000B

.rdata12
Size: 1024B - Virtual size: 1000B

.rdata11
Size: 1024B - Virtual size: 1000B

.rdata10
Size: 1024B - Virtual size: 1000B

.rdata9
Size: 1024B - Virtual size: 1000B

.rdata8
Size: 1024B - Virtual size: 1000B

.rdata7
Size: 1024B - Virtual size: 1000B

.rdata6
Size: 1024B - Virtual size: 1000B

.rdata5
Size: 1024B - Virtual size: 1000B

.rdata4
Size: 1024B - Virtual size: 1000B

.rdata3
Size: 1024B - Virtual size: 1000B

.rdata2
Size: 1024B - Virtual size: 1000B

.rsrc
Size: 1024B - Virtual size: 816B

.reloc
Size: 1024B - Virtual size: 950B