26cb9270089860728a5f8636dd03eb35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26cb9270089860728a5f8636dd03eb35_JaffaCakes118
Size

131KB
MD5

26cb9270089860728a5f8636dd03eb35
SHA1

c0ee175d24523bc6b49f2bbf6b236ae5055d81cf
SHA256

3da345914c2319175f4f79875ad13422828a65f1c6bade59536a18798708e769
SHA512

7eefe986f0e7395d6047d749bb67eec53b012ae324b4f8614bcc4c39556c7a8f9d956b35e5c2564db823a78cfdc18fe2b21d67148c6a28074040f489bf7f01ba
SSDEEP

3072:W1Wn+aVaPO7dnKB6oFobkWj6E/An6vi31CjZh79:oW+aVDFKMwoYWWEInBCj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26cb9270089860728a5f8636dd03eb35_JaffaCakes118

Files

26cb9270089860728a5f8636dd03eb35_JaffaCakes118
.exe windows:1 windows x86 arch:x86

c409c716d8b348d2d9cf675b3bc1c25c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

VariantCopyInd

gdi32

StretchDIBits

comctl32

InitCommonControls

Sections

CODE
Size: 116KB - Virtual size: 188KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE