26eb129a645a549ec5950a1a126f5490_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26eb129a645a549ec5950a1a126f5490_JaffaCakes118
Size

234KB
MD5

26eb129a645a549ec5950a1a126f5490
SHA1

b08c99fdbc37b69b98bacce2a4ece93b018984f5
SHA256

e87257b92ca588bfcb200b4b5a70397fd40d0600c30338b154beb3407a3a15d1
SHA512

4b247e3a4c763665e0afd124ad9ed908b60713adb6b029e4580e2b312be21464a9fe7d333ba077f7f61f21f8cb2df13e9219bd33b8163f748b41ee19327d6a3a
SSDEEP

6144:9raUuOVw8yxZKfordHYPbHVlxUArsefajkGL7:EBOLyqgB4xl6AYm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26eb129a645a549ec5950a1a126f5490_JaffaCakes118

Files

26eb129a645a549ec5950a1a126f5490_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f44cc6788a05f94558ef98089110638c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
CreateFileA
CreateFileMappingA
DisableThreadLibraryCalls
ExitProcess
GetACP
GetCommandLineA
GetCurrentThread
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
LocalAlloc
MultiByteToWideChar
RtlUnwind
SearchPathA
SetConsoleCtrlHandler
SetErrorMode
SetFilePointer
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
UnmapViewOfFile
WriteConsoleW

user32

SetPropA
ReleaseCapture
InflateRect
GetCursorPos
EndDialog
EnableMenuItem
DefFrameProcA

ole32

CoCreateInstance
CoCreateGuid
CoGetMalloc
CoFileTimeNow
CLSIDFromString

advapi32

ChangeServiceConfigA

opengl32

glRasterPos3fv

Exports

Exports

EnumDeviceReset
ReflectParamValues

Sections

.text
Size: 149KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ