26b322072802f48ed79bb1e2f962f255_JaffaCakes118 | Triage

Sharing

General

Target

26b322072802f48ed79bb1e2f962f255_JaffaCakes118
Size

140KB
MD5

26b322072802f48ed79bb1e2f962f255
SHA1

152b58ed8159a19c44a05a671a5d05e333dca3e5
SHA256

ae7f9fb39843364fa19e0329e177aee50d67c73da161a111195cd7305a6469bb
SHA512

8bef790023bca3affd70a52d429718ebb9ec6e25322728e44e42e6a91d36924a72789e4d003d0319cc836b7e418aae4aafb43d979585f0071357b626b905d4d9
SSDEEP

3072:tpm/KwJQK2J8gffNz3NjUnG+oFUIudToZZSKSlAG+QWnUG:tQywJKGA13N/SIudkZZSKSmGE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26b322072802f48ed79bb1e2f962f255_JaffaCakes118

Files

26b322072802f48ed79bb1e2f962f255_JaffaCakes118
.exe windows:1 windows x86 arch:x86

5fd715d2ce9112fab25cc188aa6fdb92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapReAlloc
GetProcessHeap
SizeofResource
GetFileAttributesA
HeapFree
CloseHandle
WriteFile
GetModuleFileNameA
LockResource
LoadResource
CreateFileA
FindResourceA
HeapAlloc
CreateThread

user32

RegisterClassExA
PostQuitMessage
PostMessageA
LoadIconA
LoadCursorA
GetWindowTextA
GetMessageA
GetDlgItem
DispatchMessageA
DefWindowProcA
CreateWindowExA
MessageBoxA
TranslateMessage
ShowWindow
SetWindowTextA
SendMessageA
UpdateWindow

gdi32

GetStockObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA

ole32

CoTaskMemFree

imagehlp

MakeSureDirectoryPathExists

Sections

CODE
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE