26c3c874ee12474a05658b488c5e7390_JaffaCakes118

General

Target

26c3c874ee12474a05658b488c5e7390_JaffaCakes118
Size

40KB
MD5

26c3c874ee12474a05658b488c5e7390
SHA1

f416d879972ed9baf36b808e6a4acb8e95157b5b
SHA256

59d06e35ed9fd486b981d8b264fb719882df89dd8791bfe46dccd1ebfe29ab9e
SHA512

e00d12cef0bceea6e0005647328572fd3947783e4ec63a58ac1949834e3582356eeb7c4511aed1d253974fc3556c4842fcc226b0f9bc0ad5f6740534101964c9
SSDEEP

384:45zYEJtUC9Amzjoki4wa4JDiJAk8GjrQmTmqW8FEa/MBnnF+l9c+bhaLz:M9mmzjodV5iJAvEuKT/MxF+jcOha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26c3c874ee12474a05658b488c5e7390_JaffaCakes118

Files

26c3c874ee12474a05658b488c5e7390_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c72de8388976f4edd3a0b91ba9fd783

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wbemcomn

?ErrorTrace@@YAHDPBDZZ
?DebugTrace@@YAHDPBDZZ

msvcrt

_XcptFilter
exit
_exit
__getmainargs
__p___initenv
__CxxFrameHandler
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??2@YAPAXI@Z
__dllonexit
_onexit
_controlfp
??3@YAXPAX@Z
_vsnprintf
printf
setlocale
_stricmp
_strnicmp
mbstowcs
toupper
atol
wcslen
__setusermatherr
_initterm
_except_handler3

kernel32

LoadLibraryA
GetProcAddress
Sleep
CloseHandle
GetSystemDirectoryA
lstrcatA
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
lstrcpynA
LoadLibraryExA
FreeLibrary
GetFileAttributesA
CreateMutexA

user32

wsprintfA
CharToOemA
LoadStringA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c72de8388976f4edd3a0b91ba9fd783

Headers

File Characteristics

Imports

wbemcomn

msvcrt

kernel32

user32

ole32

version

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 20KB - Virtual size: 36KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 20KB - Virtual size: 36KB