16d26f8781ec10957661fc5e4113447b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16d26f8781ec10957661fc5e4113447b_JaffaCakes118
Size

299KB
MD5

16d26f8781ec10957661fc5e4113447b
SHA1

216659561267039ce12b7db4d56f971f00b7aaf4
SHA256

a9da961ee0691f048c5911386ce43e515771284385c5d25dc7a139f62c974324
SHA512

e2b7aa6a2b6b8b12c70e08aa136368a044ed9d5d051330070168012326066aaea7eba89c42aee756340107fff4ea6bb228abf5b87b522a1a282410a4f2076bd2
SSDEEP

6144:qMFsmoJ4VyZGQdMYDxPOt5eoqC8Yl3d6D5hXlP2oQ:zIamPdMYDxP2Sc/6dP2oQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16d26f8781ec10957661fc5e4113447b_JaffaCakes118

Files

16d26f8781ec10957661fc5e4113447b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

57c481e4aa83c5d252233bf8267232d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
FindClose
GetStringTypeA
CreateFileA
GetModuleHandleA
FindClose
CreateSemaphoreA
CreateFileMappingA
HeapCreate
CreatePipe
GetEnvironmentVariableW
SetVolumeLabelA
GetModuleHandleW
ReadConsoleW
FindClose
CreateMailslotA
CreateEventA
GetFullPathNameW
VirtualFree
GetVolumePathNameW
GetCurrentDirectoryW
GetFullPathNameW
Sleep

mshtml

DllGetClassObject
ShowModalDialog
DllCanUnloadNow
PrintHTML

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES
Size: 292KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avdr
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ