a26f192e09bab1beceab021b752cea5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a26f192e09bab1beceab021b752cea5c_JaffaCakes118
Size

114KB
MD5

a26f192e09bab1beceab021b752cea5c
SHA1

17552ec96e6dde9c9120828ee1edc140814cd036
SHA256

b48710fe02ded95f4cfd87aad433577b49df9221c62f137f7e3b0a27fed5adc2
SHA512

bd40a95f81f6d7060f92d41236721e76cdcae7c6a2279dcf531e44143be264f5ed55cca75b3a11e2f23c90637eb34ea990ce5f8b723fd766778fb61aee110efd
SSDEEP

3072:BCBFMPnqekNRBuArTZcrn+60Uzab7roaERCt:47HxZcz0tProa+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26f192e09bab1beceab021b752cea5c_JaffaCakes118

Files

a26f192e09bab1beceab021b752cea5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6116035e5cba1fbf1c3a8a3256f7c37a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapSize
HeapLock
SetConsoleMode
HeapUnlock
IsProcessorFeaturePresent
HeapAlloc
GetEnvironmentVariableA
GetCPInfo
GetDriveTypeA
HeapFree
VirtualAlloc
LockFile

comctl32

DrawInsert

Exports

Exports

Fapaeranp
WriteUasueubd
Dntwmcq
Kppjgwrd
OpenNtfywrihq
IsHlwgeqvuegf
CreateMbkdvksied
Empsvgvl
Kshdcms
WriteMawxgcb

Sections

.itext
Size: - Virtual size: 180B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ