e26c74d89fdc89904426a83bbe1504cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e26c74d89fdc89904426a83bbe1504cd_JaffaCakes118
Size

143KB
MD5

e26c74d89fdc89904426a83bbe1504cd
SHA1

b12ea5d041ef7f509a0d8cf03df317915f4a75ce
SHA256

794a7491d9a5de57469153fb159a660c405ab3066d1c1dee13927e2a0259a2e2
SHA512

8dd4ab903a366eca949516d1a2d1c8f1e03b68a223ac1cf83d50777231a300d0d1f792d9e6118fd8318d06249d87bb0bfc886ba108902e085b9f552e38baaf5f
SSDEEP

3072:FyNA5jfrQfuwyVsx4mVatoi6GRwnmUQdiKqugEFy7YP:FyNSrQfzNv+6Gd9hqugEAe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e26c74d89fdc89904426a83bbe1504cd_JaffaCakes118

Files

e26c74d89fdc89904426a83bbe1504cd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ced34bc638e657690c17810fb1af675f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessInternalW
GetCurrentProcessId
lstrcmpA
GetACP
GetUserDefaultLangID
IsDBCSLeadByte
GetCommandLineA
VirtualAlloc
GetSystemDefaultLCID
TlsFree
GetLogicalDrives
GetModuleFileNameA
lstrcatA
GetDriveTypeW
GetCurrentThread
TlsSetValue
GetModuleHandleW
TlsGetValue
GetOEMCP
GetCurrentThreadId
FreeLibrary

user32

GetActiveWindow
GetWindowLongA
GetDC
UpdateWindow
IsWindowVisible
GetClassLongA
ShowWindow
GetWindowTextLengthA
GetFocus
GetForegroundWindow
IsIconic
CloseWindow
GetWindowDC
GetSystemMetrics
RegisterClassA
GetWindowTextA
GetWindow
ReleaseDC
BeginPaint

imagehlp

CheckSumMappedFile
FindFileInPath
FindDebugInfoFile
BindImage
ImageLoad
ImageNtHeader

sxs

CreateAssemblyCache
SxsInstallW
CreateAssemblyNameObject
SxsLookupClrGuid

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 581B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ