26ea780eb1514f7222c9253125b0a069_JaffaCakes118 | Triage

Sharing

General

Target

26ea780eb1514f7222c9253125b0a069_JaffaCakes118
Size

156KB
MD5

26ea780eb1514f7222c9253125b0a069
SHA1

0fccbbc914da7d523e2eade98b68827aa9b3a7b6
SHA256

60a0a5c1935309f9600ce037670b1416bb0c7e38076faff45b434ff736093683
SHA512

fc7a0a4207fb59331a6deb2174bd8a4d7fdc41cf2a78e700e2c60617ebed0fa9728aa1a96a074fcfde4e192ff01c2b17d27a938323275b76af44a7a01ecf7900
SSDEEP

3072:ZN/IV0yIiSywyop97I5GlQLYcVEPiAxSxDCUfcNl9WMeamhd+NxZ/x1hHX:ZN/IpI9k5GlQogxDCUm9WMeDdyjX1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ea780eb1514f7222c9253125b0a069_JaffaCakes118

Files

26ea780eb1514f7222c9253125b0a069_JaffaCakes118
.exe windows:4 windows x86 arch:x86

eed8216058825d004fbb7aced586cce0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetBkColor
GetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
OleLockRunning
StringFromGUID2
CoAllowSetForegroundWindow
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeSecurity
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoGetClassObject

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

comdlg32

GetFileTitleW

kernel32

GetLocaleInfoW
ExpandEnvironmentStringsA
GetCurrentThread
LZOpenFileA
CreateProcessA
HeapAlloc
GetProcessHeap
HeapFree
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA

oleaut32

LHashValOfNameSys
GetRecordInfoFromTypeInfo
VarI4FromDec
SysFreeString

Sections

.text
Size: 103KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ