26dff9e0caabfdf3a532e4de9e9060b1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26dff9e0caabfdf3a532e4de9e9060b1_JaffaCakes118
Size

338KB
MD5

26dff9e0caabfdf3a532e4de9e9060b1
SHA1

577bacd89ade7a52f54228a9270d67668f2c0322
SHA256

f3dbbf18b1cb6dd3e27c24cb93dbd649c3bd8079d8629404d84a31553ae8e234
SHA512

366895e67be9433d54b4b0f9074db214625941af08884d3f2c5ff2f3dcdf4bcafbab5a9e95cca4073b5d9c4c17b665715f4290cf006648a83cac9c9ebed078f0
SSDEEP

6144:HxSMWqgqYbtAUCFlZ+eHLwGGx9g2TxyNVEdVl6lOvyVJZAHZlMsd/ppSJ:HoMDsbZiZDpx2Fy0jIeyVJclTd/ppSJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26dff9e0caabfdf3a532e4de9e9060b1_JaffaCakes118

Files

26dff9e0caabfdf3a532e4de9e9060b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

89d2bb05003d6b8cbbd849bf53be1f3f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
FreeConsole
EnumResourceTypesW
GetModuleHandleA
CreateMutexA
IsBadReadPtr
LocalFree
GetStdHandle
IsDebuggerPresent
VirtualProtectEx
GetLastError
Heap32First
GetSystemTime
lstrlenA
GetConsoleTitleA
ResetEvent
GlobalLock
GlobalUnlock
CloseHandle
CancelIo

user32

GetMessageA
GetKeyState
EndDialog
CreateWindowExA
GetDlgItemTextA
CloseWindow
CopyImage
IsIconic
GetMessageA
EnumWindows
DialogBoxParamA
GetParent
GetDlgItemInt
MessageBoxA

setupapi

IsUserAdmin
MyRealloc
SetupCloseLog
MyFree
SetupCopyErrorA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ