26fe2cadcfcfcd65a34c6cbc505051b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26fe2cadcfcfcd65a34c6cbc505051b0_JaffaCakes118
Size

2KB
MD5

26fe2cadcfcfcd65a34c6cbc505051b0
SHA1

2f56b45db9424876707112e293b255ee014e2994
SHA256

b2a7be43e39d7d912eb2591b9f099c964f887da7350240779627be601821b9a5
SHA512

195f68c52d27f77327f07d26b15a0a78de244c95afbd09a421b423a977cdf7fe9f53d3edba6d89458c77a540365bf286e36bce12a394f7a8df8a2736ee43bbfa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26fe2cadcfcfcd65a34c6cbc505051b0_JaffaCakes118

Files

26fe2cadcfcfcd65a34c6cbc505051b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f99f57e2ff9d6447bdfedba5dbe0e01b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessA
ExitProcess
GetThreadContext
GetWindowsDirectoryA
ReadProcessMemory
ResumeThread
SetThreadContext
VirtualAlloc
VirtualAllocEx
WriteProcessMemory

user32

MessageBoxA

Sections

.text
Size: 512B - Virtual size: 454B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE