f26bc562a9767d082ba245727f7ddbb7_JaffaCakes118 | Triage

Sharing

General

Target

f26bc562a9767d082ba245727f7ddbb7_JaffaCakes118
Size

169KB
MD5

f26bc562a9767d082ba245727f7ddbb7
SHA1

ad186a8fe87a991419786a175e04cbcd2cfdebd5
SHA256

d03da3ca5d745d77460d6631ab83048ab8f903a16ee9eb366d1512082d995a33
SHA512

78f098dec4c7cd7b5430f42bd93a257d10239c2b3e61ed112ca387230caaf28f44b70059ba37d3b7f7ced581a01dcaf78044eb609ed475ae3edd5242d1851c7d
SSDEEP

3072:kFGf+TNtlCM7AHW27DgRMQgsSPAmbvnTFC2JDRQReYc4BIJmUnWGMnqSR:HfMDk3cqF4UvMuus54u8jGMnv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f26bc562a9767d082ba245727f7ddbb7_JaffaCakes118

Files

f26bc562a9767d082ba245727f7ddbb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

133b3d5a608da5d5588df9b33431af18

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetWindowInfo
GetCapture
ValidateRect
SetCapture
ExcludeUpdateRgn
InvalidateRgn
ValidateRgn
ReleaseCapture
GetUpdateRgn

kernel32

FindNextFileW
CompareStringA
GetVDMCurrentDirectories
FindResourceW
FindClose
SetThreadPriorityBoost
GetShortPathNameW
GetStringTypeW
GetLocalTime
FreeLibrary
HeapCreate
FindFirstFileW
SetEnvironmentVariableW
EnumResourceNamesW
RegisterWaitForSingleObject
SetErrorMode
FileTimeToLocalFileTime
SetCurrentDirectoryW
FileTimeToSystemTime
SystemTimeToFileTime
LocalFileTimeToFileTime
LoadResource
SearchPathW

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ