26986020aa4ffbc189151d8dd27905fb_JaffaCakes118 | Triage

Sharing

General

Target

26986020aa4ffbc189151d8dd27905fb_JaffaCakes118
Size

64KB
MD5

26986020aa4ffbc189151d8dd27905fb
SHA1

a97c09280ee7277bb1398a51e88c011ed44fce48
SHA256

de976cfebb60fe7a982e9fddcc9f56b634f923acb774afd4aa3e3da91f826047
SHA512

1cc05b95eafa6c81ded283b1d8290c00041716188519ed459261077767e67778de383d3e603a4aea06b5c314eac073839c6ad104f9e0b7918cf52f5d009b45f4
SSDEEP

1536:tFXXC5FyGdk00OJtJqRt1TKyuSFQ1C2v3HOuGeE:tOFyGOWqAGA3HOuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26986020aa4ffbc189151d8dd27905fb_JaffaCakes118

Files

26986020aa4ffbc189151d8dd27905fb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2b7f223719b109320419cb908f739776

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueueUserAPC
HeapCreate
SetInformationJobObject
GlobalReAlloc
IsValidCodePage
OpenJobObjectA
SetConsoleCtrlHandler
GetCommMask
GlobalLock
IsValidLanguageGroup
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

rc60
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rc61
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

rc62
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

rc63
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ