26d67501e32c6ec436c07261e0bac5f0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26d67501e32c6ec436c07261e0bac5f0_JaffaCakes118
Size

417KB
MD5

26d67501e32c6ec436c07261e0bac5f0
SHA1

49ed6de8bfcc2137744a2a47b6722281df0b0cd3
SHA256

1cad10790da2b7e8278a196fc51e61ca55ea4d9fb4a81199ceb726a1f1e1835d
SHA512

a6bd6427cdd249cb20e3de3b5378194b234be9548b93821c708a57402f55d0e4392b01d4aa0d2a6c833655b82aefc053ca1e28ac4c47656cc2aaf2659f8ba73e
SSDEEP

6144:74YCqLZh14jvgvqh9Q0CUSGTEkARBNDgbq8M9Mxdb9feBc1e:Hh1vqhi0Cy4kARLBak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d67501e32c6ec436c07261e0bac5f0_JaffaCakes118

Files

26d67501e32c6ec436c07261e0bac5f0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

836d416951e044c208dfb8b8573bba9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileStringA
GlobalLock
GlobalAddAtomA
GlobalCompact
GetProcessHeap
DeleteAtom
ExitThread
RaiseException
LoadLibraryExA
EnterCriticalSection
LoadResource
LocalSize
VirtualAlloc
CloseHandle
GetCommState
ClearCommBreak
GetOEMCP
GlobalFindAtomA
GetStdHandle
GlobalFree
lstrcpyn

user32

DrawEdge
GetClassNameA
GetParent
CloseWindow
GetFocus
EndPaint
GetWindowTextLengthA
GetWindow
GetClassInfoExA
GetWindowTextA
GetDC
RegisterClassA
BeginPaint
GetForegroundWindow
ReleaseDC
ShowWindow
GetActiveWindow
IsIconic
ValidateRect

wsock32

WSAGetLastError
WSACleanup
WSAIsBlocking
WSAAsyncSelect
WSAStartup

duser

GetStdColorF

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ