26fe588fbac1a3196e885e51eee0983c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26fe588fbac1a3196e885e51eee0983c_JaffaCakes118
Size

168KB
MD5

26fe588fbac1a3196e885e51eee0983c
SHA1

bdb915eeedab65974b3828d351bab4c0b7dd8714
SHA256

c1764c13170de0df0213c9f739981146eca3ab8b5711205cb539ef281cbca6e8
SHA512

b9649120cf2622acb663988bd7b18f4b8cf4904edb8ff822b3eeacb1a91943cd2e86c1e5a5d1d0c169d47033588468eb505953698fdeff591c9e8ce05bca9e16
SSDEEP

3072:S+EG/3watF71Hsr5hdHas/W2JloA5Ef9bvu/r1AqRilp2iqI/lJ1Dgi:xEswatQr5htWEBS9ajiv2yNci

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26fe588fbac1a3196e885e51eee0983c_JaffaCakes118

Files

26fe588fbac1a3196e885e51eee0983c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88c87df674ce9571909d3112d70dd502

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LCMapStringA
ExitProcess
GetCurrentProcess
CreateFileA
LoadLibraryA

user32

CloseWindow
CharLowerBuffA
SetWindowLongA
wsprintfA
CreateWindowExA

advapi32

RegOpenKeyA
RegEnumValueA
RegDeleteValueA
RegEnumKeyA
RegCreateKeyA
RegQueryValueA
RegSetValueA
RegCloseKey
RegDeleteKeyA

Sections

.text
Size: 149KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ