26f229303dad810c24435a667a7a4a06_JaffaCakes118

General

Target

26f229303dad810c24435a667a7a4a06_JaffaCakes118
Size

9KB
MD5

26f229303dad810c24435a667a7a4a06
SHA1

7c22dc1ea5870bde34ac94de6727e2b8f3ceab1a
SHA256

916096351060f1aae8fe2a0ec7c83241e0e3a716abf801255dbc28134009ce35
SHA512

b2bc9a7e7a1397acff1229fa8403e70a6e2408f7dd78cb4d30546a80c60252f7ab9657174ad50f100dd5b5c980d0adaaa9e8900b547c6f1eddc179777bdfcd5a
SSDEEP

192:E5URuC4DnT6eDg2pUtg0GIzv7DJ3ZV/T0P1oyn9BYe:3RuCdWEaInV7a1D2e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f229303dad810c24435a667a7a4a06_JaffaCakes118

Files

26f229303dad810c24435a667a7a4a06_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34e07a7e015d1fe816f9bcdb352b286

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
MultiByteToWideChar
CloseHandle
TerminateProcess
WriteFile
ReadFile
PeekNamedPipe
CreateProcessA
GetSystemDirectoryA
CreatePipe
GetLastError
GlobalFree
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
GetStartupInfoA
GetModuleHandleA

shell32

ShellExecuteExA

winhttp

WinHttpWriteData
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpGetProxyForUrl
WinHttpSetOption
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryOption
WinHttpGetIEProxyConfigForCurrentUser

msvcrt

_strnicmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
_itoa
memset
strlen
strcpy
strcat
??3@YAXPAX@Z
printf
fread
ftell
fseek
fclose
fwrite
atoi
fopen
strrchr
strstr
??2@YAPAXI@Z
strncpy
_exit
_XcptFilter
exit
_acmdln
__getmainargs

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f34e07a7e015d1fe816f9bcdb352b286

Headers

File Characteristics

Imports

kernel32

shell32

winhttp

msvcrt

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 17KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 17KB