26ff7f5ef46e54408b558644a62d0dab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26ff7f5ef46e54408b558644a62d0dab_JaffaCakes118
Size

24KB
MD5

26ff7f5ef46e54408b558644a62d0dab
SHA1

fa586ccd3c3c0bfe6079378aa3f2af2e3dba169f
SHA256

58dbf9b48b1ef65a71dc8ae971a9793c2ee183332f9e394dba6c26a365fa857b
SHA512

f6fcebc75594406a4e2c780dfd8da6151786a292c9f57388fcb21c204ff04dae9dd9f4c4c47aba88d15c22270298cf998fff394c17d60821fcd0c9e537e16ff9
SSDEEP

384:0CyqJWcuqHKRKLuJUjD+kq2+DQ33+y5/zEaIB9XbxQs6zrFu:p3WcX8wuEBqn833+ym1ms

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26ff7f5ef46e54408b558644a62d0dab_JaffaCakes118

Files

26ff7f5ef46e54408b558644a62d0dab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4f66b3661624a42ca3aed556d9aed4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
GetProfileStringA
SetCommBreak
VirtualAlloc
EnterCriticalSection
DeleteAtom
GlobalCompact
GetProcessHeap
CloseHandle
GlobalFindAtomA
GlobalFree
LocalSize
LoadResource
GlobalAddAtomA
LoadLibraryExA
GlobalLock
lstrcpyn
GetCommState
GetOEMCP
ExitThread
GetStdHandle

user32

GetWindow
ReleaseDC
GetWindowTextLengthA
EndPaint
ValidateRect
IsIconic
AlignRects
GetParent
GetActiveWindow
GetForegroundWindow
GetFocus
DrawEdge
GetClassInfoExA
CloseWindow
BeginPaint
GetWindowTextA
GetClassNameA
GetDC
ShowWindow

wsock32

WSAAsyncGetServByPort
WSAStartup
WSAGetLastError
WSACleanup
WSASetBlockingHook

duser

AutoTrace

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ