26c3b3938ee7c99ce89088b91e111fa4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26c3b3938ee7c99ce89088b91e111fa4_JaffaCakes118
Size

205KB
MD5

26c3b3938ee7c99ce89088b91e111fa4
SHA1

d9ea5d0a2aaefe802040f21e457b480abbf16a72
SHA256

3ddf3233442e39536d3cf0c3381297e2c299cdc166875cb767969cf18551fbe3
SHA512

aa308e520e96f99c2143b3af859c954a164212672a2f4779583475c34ed5bfce26dad7f1a9345717c742810dfae4daa8568351756f69d5d8dbdf92b753a9e0a0
SSDEEP

6144:TCnxrvYPo1OwyU/9A5p+3NugPZg41lE8CVtO:OJgaOwyU/9Aj+TTlE8Ci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26c3b3938ee7c99ce89088b91e111fa4_JaffaCakes118

Files

26c3b3938ee7c99ce89088b91e111fa4_JaffaCakes118
.exe windows:0 windows x86 arch:x86

99f5b0b723d6fca2813f516623081e1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
FreeLibrary
GetLastError
CreateMutexA
LoadLibraryA

user32

wsprintfA
MessageBoxA

Sections

.data
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE