26ee3cfeba083c8b60fea7c3a4c618ae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26ee3cfeba083c8b60fea7c3a4c618ae_JaffaCakes118
Size

2.9MB
MD5

26ee3cfeba083c8b60fea7c3a4c618ae
SHA1

e6f7fc0d32202cac45ee67ed2516fa5f38dddee6
SHA256

b3bbe6299eff7b8ead9259582f0bd6e05bfbaf43fab165effed4e4222b2f5088
SHA512

1438d920273e1951dcaa174ea3f1f6b04492fa631a2f0db4cdb5c25c4151849424a498b12c3ece3172a00ae69d8b3851874c588d0f5d95b1f9afbfe4b923ba7b
SSDEEP

49152:MWYTUG9ZE+s/2/XQps+qXzrkUo5Ox3lHMq2clqqe3mo7zaH6P+ix9LFWs6io4DgP:+TUG93skusJXnkUo5Ox3lsNcve2ANHx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ee3cfeba083c8b60fea7c3a4c618ae_JaffaCakes118

Files

26ee3cfeba083c8b60fea7c3a4c618ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c60723c9c7e695e722a27503c165f10

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

SetEndOfFile
SetInformationJobObject
_lclose
GetHandleInformation
CreateIoCompletionPort
SetTermsrvAppInstallMode
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

text
Size: 4KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ