26e8149916290c3ef7421923ffcd851e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26e8149916290c3ef7421923ffcd851e_JaffaCakes118
Size

363KB
MD5

26e8149916290c3ef7421923ffcd851e
SHA1

e1aab4f80a8692a1316da732360b3a3700e2659f
SHA256

c79e72a5a6d34689248dc79b7f89d5fd1a380ac178e5c2d406e06f3d3af47127
SHA512

b88a70e0096f98a5b4ecba5a6ed07fb5d8191f2502a4aff77d9cbb83e980838087a4a9ce7314ee2e7b5bfda86971423305c5f4c94b980d63dd7bc65bce45cf40
SSDEEP

6144:6iJwnMGOr8fe0AJgjchjTnDqNkCYV7zj9nd56t6L8R8NmC:F+n9O8e0Fcx/bV7Pn5k+XNH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e8149916290c3ef7421923ffcd851e_JaffaCakes118

Files

26e8149916290c3ef7421923ffcd851e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6da451643cf99a5a127a77c055e9ceb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
GetLastError
GetComputerNameA
EnumResourceTypesA
TlsGetValue
GetExitCodeProcess
ReleaseMutex
DeleteCriticalSection
GetTickCount
CloseHandle
GetModuleHandleA
GetDiskFreeSpaceExW
LoadLibraryExW
Sleep
FreeConsole
VirtualProtect
SetLastError
GetCommandLineA
GetDriveTypeA
FindClose

shell32

SHGetDiskFreeSpaceA
ExtractIconA
SHGetMalloc
ShellMessageBoxA
DuplicateIcon
StrChrA
DragQueryFileA
SHFree
SHGetSettings
DragAcceptFiles
ShellAboutA
DragFinish
DllUnregisterServer

printui

vQueueCreate
bFolderGetPrinter
vPrinterPropPages
PnPInterface
bPrinterSetup

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 628B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ