a26f9c609cce7097d1acf707f4aeffa6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a26f9c609cce7097d1acf707f4aeffa6_JaffaCakes118
Size

9KB
MD5

a26f9c609cce7097d1acf707f4aeffa6
SHA1

a9917103431744efe3c1248b59f8db9c7844689b
SHA256

82c2738bcab7800cb2b76b3481f883af2f57428674ac3e2afa2f8801218332ae
SHA512

2501147a0d9927c7dc6ce89934eeffade17b61562155668c0843fc199587f9016ed3c38c24e8515babd2b6f8a5fff0b2221b200e61be6a6d156870751255e140
SSDEEP

192:lJlZuWma0iHM2l6083ZCOJqfcAUQ8aYc1:lEa0iHM2ls3ZnycAn8Rc1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26f9c609cce7097d1acf707f4aeffa6_JaffaCakes118

Files

a26f9c609cce7097d1acf707f4aeffa6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43e19d9423163d3d48d2d4f8bb1c934e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowVisible
GetWindowTextA
EnumWindows
ShowWindow
MoveWindow
wsprintfA

kernel32

ExitProcess
GetLocaleInfoA
GetModuleFileNameA
GetProcessHeap
GetShortPathNameA
GetTempPathA
GetVersion
GetVersionExA
GetWindowsDirectoryA
HeapAlloc
HeapFree
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
GetEnvironmentVariableA
CreateMutexA
DeleteFileA
CreateProcessA
CreateFileA
CloseHandle
lstrcmpiA
GetLastError
GetCommandLineA

shell32

ShellExecuteA

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
GetUserNameA

rasapi32

RasHangUpA
RasEnumConnectionsA

wininet

HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
HttpOpenRequestA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE