aa26f440db6dd83724eaa4cf6d1f462f_JaffaCakes118 | Triage

Sharing

General

Target

aa26f440db6dd83724eaa4cf6d1f462f_JaffaCakes118
Size

32KB
MD5

aa26f440db6dd83724eaa4cf6d1f462f
SHA1

5945c3295ad50a5f0b71cf796fd54f0b333572f1
SHA256

9a8e2f0bc0921ea1a91e2de37dcb1d7cb6998df35a20f07ab91701717fa32034
SHA512

0f8d2516c812c4f599dec0d49b4c5ba04c18cf592d9ec15e0b2297acc77d95502174da24709bae561cce8d89a0712f4315065921607f48326e9a067e4e2fa321
SSDEEP

192:2z2ZkJY6rR3WQ/ixBTyXhMyg59caf0s/My57y67PwoazrFSREInHUPxCSGwkX:+iUR3diQMv9cAt0JzrFSRlUPUS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa26f440db6dd83724eaa4cf6d1f462f_JaffaCakes118

Files

aa26f440db6dd83724eaa4cf6d1f462f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

393d11c8ead9e35904baeedb0bb20b14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
_strnicmp
strlen
strcpy
strcat
time
strrchr
_CxxThrowException
__CxxFrameHandler
??1type_info@@UAE@XZ
isspace
isdigit
fopen
memcpy
strchr
strstr
wcscmp
_EH_prolog

shlwapi

SHGetValueA
SHSetValueA

wininet

InternetCrackUrlA
InternetSetOptionA
InternetCheckConnectionA

kernel32

CopyFileA
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitProcess
HeapFree
GetProcessHeap
HeapAlloc
lstrlenA
GetCurrentProcessId
MultiByteToWideChar
lstrlenW
WideCharToMultiByte
Sleep
GetModuleFileNameA
GetEnvironmentVariableA
lstrcmpiA
CreateThread
CreateProcessA
MoveFileExA
GetTickCount

user32

wvsprintfA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE