c26b2e66b9b8e4cd2c208640eb7aafbd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c26b2e66b9b8e4cd2c208640eb7aafbd_JaffaCakes118
Size

359KB
MD5

c26b2e66b9b8e4cd2c208640eb7aafbd
SHA1

606b2b3ad55b81d14dbdc779cecaa93f3a198315
SHA256

22d33b2896014cfd6ea2f33194fc3c8de8451e435ddbda464d17397cdd19071a
SHA512

d9aa7e2ab10ff663d801b7236ace9e4c9eec95eb6a6a1d368e1175b912363f9e66fa08ded2c0158c2ab2db95a98cf74cd3f117a37bef7b1c6198f9a87814409f
SSDEEP

6144:NyQHxSlGPQBaZ+BqhMXAy6fYv2SeJ3eB8fvmKNNcQ5ta6gKv5R3L/XWlpWzsVV2+:NzR9QI0Ay6fYvzEOe2KNSQ6l83zBzsu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c26b2e66b9b8e4cd2c208640eb7aafbd_JaffaCakes118

Files

c26b2e66b9b8e4cd2c208640eb7aafbd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b0b2f74bef2923b9eb5a6fef5b4f15fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
lstrlenA
CreateFileA
GetCommandLineW
GetDriveTypeA
ExitProcess
CloseHandle
GetComputerNameW
GetModuleHandleW
LocalFree
GetFileAttributesA
HeapCreate
GetSystemTime
LoadLibraryA
GetTickCount
GetDiskFreeSpaceW
GetTickCount
ReleaseMutex
FindAtomW
ReleaseMutex

user32

CloseWindow
CreateWindowExA
DrawStateA
GetMenu
CallWindowProcA
DestroyCaret
FillRect
GetCaretPos
GetClassInfoA
GetDlgItem
EndDialog
DispatchMessageA
GetComboBoxInfo

rasapi32

RasDialA
DwEnumEntryDetails
RasDeleteEntryA
DwRasUninitialize
DwCloneEntry

modemui

CountryRunOnce

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 436KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ