26aab5306222fafeb92098696dc4ea8c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26aab5306222fafeb92098696dc4ea8c_JaffaCakes118
Size

149KB
MD5

26aab5306222fafeb92098696dc4ea8c
SHA1

79a1f326f14393b7b257841695ddc5c49002bf85
SHA256

8d25e77dbe8db6db3e38e679770f2dde26edfad0c5351e3cada7fd2e0b996487
SHA512

f721857957c780b6b894450e8fd91b9089660afe164292cddc3359f472e410193a0b4448057dfcb90ac2011ef04f0d8489bd2d922b24c21a6e419470f1c5b885
SSDEEP

3072:hrBEj4sNfzPxn1LEHsaqb67S3C3kibNs4lrA9C:hre8shpJajG3Xs64lE9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26aab5306222fafeb92098696dc4ea8c_JaffaCakes118

Files

26aab5306222fafeb92098696dc4ea8c_JaffaCakes118
.exe windows:1 windows x86 arch:x86

bf2ea68d2de4d23f16a54f27060839e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbscoll
_creat
exit
_stati64
wcscat
_gcvt
_controlfp
_acmdln
__setusermatherr
_tzset
__set_app_type
wcsncmp
_adj_fdivr_m32i
_XcptFilter
_fcloseall
_stricmp
_putwch
_mbsicmp
_getche
printf
_mbctohira
putc
_adjust_fdiv
memcpy
_iob
_exit
asctime
__p__commode
_vscprintf
iswalpha
__p__fmode
_initterm
_except_handler3
_wfsopen
_wspawnlpe
__getmainargs
_snwscanf
vfwprintf

kernel32

lstrlenA
WriteConsoleA
GetCommandLineW
FindFirstFileA
GetVersion
UnmapViewOfFile
ExitProcess
InterlockedExchange
FreeLibrary
GetThreadContext
GetModuleFileNameA
GetFileTime
LockResource
GetStartupInfoA
FlushFileBuffers
GetModuleHandleA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ