26e40666c928f2741e19b72c9923b47e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26e40666c928f2741e19b72c9923b47e_JaffaCakes118
Size

170KB
MD5

26e40666c928f2741e19b72c9923b47e
SHA1

9d6ab73c41e55b12dd1042015d7aefb3f6da56e4
SHA256

b90348ca602d5208380411358a6d799f324e40e537a3b0ef39cba632821a2ecc
SHA512

0a278507cb7dfa7561d91bc591aa3d0f85f01e2a0774b2abbb3dab24cd60d1ccbab14dd0317f842aa6f2dfaf0090b105d1c88bfcfa88b116ad993d86d0467a25
SSDEEP

3072:GIcrfHnEr8EHiMgZdpfVLEj3XGW4zNamtBtV8Y3xytMm2hQg3YYh5FP2Qsta:GtHE8QynpaIbV8Y3xyUhQE/D1a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e40666c928f2741e19b72c9923b47e_JaffaCakes118

Files

26e40666c928f2741e19b72c9923b47e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57ffd9622a11ae40048d77c15c310f2a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

rpcrt4

RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA

kernel32

GetModuleHandleW
GetCalendarInfoA
FindNextFileA
GetCommandLineW
LocalFree
RaiseException
HeapFree
FindFirstFileW
_lread
_lwrite
EnumResourceNamesA
SetLastError
Sleep
FindFirstFileA
LockResource
MultiByteToWideChar
GetCurrentDirectoryW
HeapAlloc
FormatMessageW
SizeofResource
LoadResource
FindFirstFileW
_llseek
GlobalFree
GetProcessHeap
_lclose

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ