26fcab92e4cd6f6302f94d480239461a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26fcab92e4cd6f6302f94d480239461a_JaffaCakes118
Size

82KB
MD5

26fcab92e4cd6f6302f94d480239461a
SHA1

3160779d7ea00a83830d1d528a8ec2c95451fb5d
SHA256

66b35ca0d29741f5110a2bef76c137f6d2683590cbb0976c5db7cb5a9b726c40
SHA512

9f3b7dca7addf0668b346e89f1c9bbb9c3d6fbb3dd6372bce5c520620c90820a7ff88f5d3dd8b09d931c7d994af1d4cee85848387859600bf97cc770c24532f2
SSDEEP

1536:mxWFEw8IxY3qtBb8i8juNp13WoZlMYBEhUXJK3gwiV5FBxl3vAG5dtFOLn1GSD+D:m1w8IxNBQiYuNj3WYMSJ/D5BXIwC17N0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26fcab92e4cd6f6302f94d480239461a_JaffaCakes118

Files

26fcab92e4cd6f6302f94d480239461a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

fc8262a56b2f1b1df8b681ca41be80df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
SetSystemTimeAdjustment
GetPrivateProfileSectionNamesW
SetConsoleInputExeNameA
LocalHandle
lstrcpyA
GetCurrentThread
GetTickCount
CopyFileExA
FindFirstVolumeA
HeapAlloc
GetVersionExA
WriteFileEx
GetProcessIoCounters
EndUpdateResourceA
RegisterWaitForSingleObject
HeapFree
VirtualAllocEx

Exports

Exports

Gkneuuqm
Adrkunvin
Xctijwgak
Ihpvpykckq
CloseKqitgxuaeuv
Aaeytigq
SetMhsktrqshct
GetDjhgaltowxr
Ewgdhonqanq
Blkqjqltjaq
AddVwkrkqfpx
GetYtbjmxs
Gcogrwccig
InitFaavuksnoj
Gjelrlgpe
Gdokbgk
Osrvcrvgdrn
Rvtjcks
Tfbxwdlwe
Xlywcdboc

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ