a26b089ba9c9da659384c71d7dda7fe0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a26b089ba9c9da659384c71d7dda7fe0_JaffaCakes118
Size

32KB
MD5

a26b089ba9c9da659384c71d7dda7fe0
SHA1

804a8517985442ad3557ad890b731f7556f42261
SHA256

c72630fb70902abdf6da21f3ab4228dff5f5ab0db24c29a3f5d7615c7598f5f0
SHA512

3ebd4ec275f65a689ab885693ff6d788912b012b9877ac53ac66b2988bcdb274210400cc2171105cb155887c7c335c0302f57c777f4b84c9699a2d776e166825
SSDEEP

768:ynCEXLfDkkC27mXbCUMi1ZxiFDxvM801K:zYfDrx7MM6Z0foI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a26b089ba9c9da659384c71d7dda7fe0_JaffaCakes118

Files

a26b089ba9c9da659384c71d7dda7fe0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

08c65b1cbf9c4145b977cb7c89d87ff7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalHandle
TransactNamedPipe
MultiByteToWideChar
GetPrivateProfileSectionNamesA
SetFilePointerEx
GetTempPathW
GetVolumeInformationW
LocalShrink
CancelWaitableTimer
lstrcpyA
GetEnvironmentStringsA
ClearCommError
EnumSystemLocalesW

user32

SetWindowsHookExA
SetUserObjectInformationW
GetWindowRect
GetWindowModuleFileNameA

shell32

SHCreateDirectoryExW
StrRStrIA
SHEmptyRecycleBinA

gdi32

SetBkColor
PolyPolygon
DeleteDC
CloseEnhMetaFile
cGetTTFFromFOT
GetFontLanguageInfo
CreateMetaFileA
PATHOBJ_bEnum
SetWinMetaFileBits
GetDCPenColor
GetStringBitmapW
GetDeviceCaps
GetICMProfileW
GetCharWidthInfo
GdiGetLocalBrush
TextOutW
GdiCreateLocalMetaFilePict
CLIPOBJ_bEnum

Sections

.code
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pack32
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ