Static task: static1
Behavioral task: behavioral1
Sample: 26c9519841c75720eadc55111fc2a53b_JaffaCakes118.exe
Resource: win7-20240729-en
Behavioral task: behavioral2
Sample: 26c9519841c75720eadc55111fc2a53b_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 26c9519841c75720eadc55111fc2a53b_JaffaCakes118
Size: 123KB
MD5: 26c9519841c75720eadc55111fc2a53b
SHA1: ccd37f27f7c4f2b14d150807427bcff66783700c
SHA256: 3c29405842e5b3610f9f21958b5f4bb24c76db6067d5a958d07598515f8f4176
SHA512: c61714420dc6016a74afde5fee4e18e54469ec6247d8d61aac79b535a85a49834df81f0059d87d1ac72aa73b36f6d7d7eb6e47bba44919abe8fcab9c50bc1916
SSDEEP: 3072:lIgzJ/yxOE5DIKXcO8d+Sup2IwOlEY8kVlte9SsSknG:rJaxOE5IKac7TVEXkz/s1G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 26c9519841c75720eadc55111fc2a53b_JaffaCakes118
Files
26c9519841c75720eadc55111fc2a53b_JaffaCakes118.exe windows:4 windows x86 arch:x86
bf97e6ba5602ebd9b6db32c75ac9f161
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
lstrcatW
GetStdHandle
GetLastError
GetDriveTypeA
GetModuleHandleW
SetPriorityClass
HeapFree
GetLogicalDrives
lstrcmpiA
GetPrivateProfileStringA
HeapCreate
ReadFile
GetModuleHandleA
GetStringTypeW
TlsAlloc
SetLastError
GetExitCodeProcess
GetShortPathNameW
GetLocalTime
GetConsoleTitleW
SetFilePointer
GetTickCount
netshell
DllRegisterServer
HrLaunchConnection
DllGetClassObject
HrGetIconFromMediaType
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dataz Size: 296KB - Virtual size: 296KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.orpc Size: 1024B - Virtual size: 524B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE