26d6aa10ad93d6aa5281483ac169bf3a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26d6aa10ad93d6aa5281483ac169bf3a_JaffaCakes118
Size

91KB
MD5

26d6aa10ad93d6aa5281483ac169bf3a
SHA1

331f191e3a85d7e97810ae62617c5a0d9b2babce
SHA256

07a2a449026acd0e941bfc8138266a5399e5a78f6ce5dc926a30d45c41558f11
SHA512

6a70376301a1c811f3fce2ab74f67dcf302aad6a0fc172aa86ffce6c7850d85be797af7bdb5386b5235e543ac50da2dbb20992aa5634a4be710a8067054d26f4
SSDEEP

1536:bw54SjpaSUkBy3y4OWinukAPzSatP4zlkwKQuvFboV8jXSk:ypIXJOWinZah4zgTvxoVcXS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26d6aa10ad93d6aa5281483ac169bf3a_JaffaCakes118

Files

26d6aa10ad93d6aa5281483ac169bf3a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

49191440fc19ac910e90339b23960cbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM

PDB Paths

gWHRWT!133####!1.pdb

Imports

oleaut32

VarCyMul
VarCyCmp

mprapi

MprConfigInterfaceTransportRemove

user32

GetSysColorBrush
EnableWindow

kernel32

GetUserDefaultLCID
GetThreadId
GetStringScripts

wininet

InternetConfirmZoneCrossing
InternetGetConnectedState

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 490B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ