26f8133027fdd79c78c2f7cebeead620_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26f8133027fdd79c78c2f7cebeead620_JaffaCakes118
Size

43KB
MD5

26f8133027fdd79c78c2f7cebeead620
SHA1

f93403047e5c41d72bcfa98d9ea7930b8a962f64
SHA256

53518a7cd69cb6e3cfd2476df0c664514c16c15631d5a7c38d88894d5943962b
SHA512

71308786bc0d4d8b929104e08be53f619d5162cea79a0ac63f4e8ce9ad3e71af1e67e3bb898ded4427cade630b45133270abfaf700fcad2a4ac1887a4b78fe57
SSDEEP

768:SzA7x2W8YI5axaSltEzm7mmMjoFK08IhskLqhcbD6NN3Tii7xdQPSwg1:KAw/P5axaj9mM9PIhskLqYK3TNxdB1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26f8133027fdd79c78c2f7cebeead620_JaffaCakes118

Files

26f8133027fdd79c78c2f7cebeead620_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4158b9b4296c227200f85a84b1f1cea6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

ExitWindowsEx

shell32

ShellExecuteA

psapi

GetModuleFileNameExA

shlwapi

StrCmpW

winmm

waveInUnprepareHeader

ole32

CreateStreamOnHGlobal

ws2_32

listen

advapi32

RegCloseKey

gdi32

DeleteObject

avicap32

capCreateCaptureWindowA

imm32

ImmReleaseContext

msvcrt.dll

malloc

Exports

Exports

gytfredwse
ServiceMain
rftgyhujk

Sections

.erdf
Size: 25KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

edrft
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rtyhgj
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE