26641e54b125a47b1691cabbb2c739ae_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

9

Static

static

1

26641e54b1...18.exe

windows7-x64

26641e54b1...18.exe

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

26641e54b125a47b1691cabbb2c739ae_JaffaCakes118.exe

Resource

win7-20240221-en

evasion persistence ransomware

windows7-x64

11 signatures

150 seconds

Behavioral task

behavioral2

Sample

26641e54b125a47b1691cabbb2c739ae_JaffaCakes118.exe

Resource

win10v2004-20240426-en

evasion persistence ransomware

windows10-2004-x64

11 signatures

150 seconds

General

Target

26641e54b125a47b1691cabbb2c739ae_JaffaCakes118
Size

673KB
MD5

26641e54b125a47b1691cabbb2c739ae
SHA1

11d15a37fb8513a9d5aed0edec385a92cdaade22
SHA256

8a0db09af5244210bcbaa86cd4fe68b9322443cd89b9b5e647814842d77656da
SHA512

54c5c23cc3029ab3750fd95dd7217c84b4bad7b31978cb458c12d93ce9dfd9b7f677ac99c3be6ca1a25221b4310d01c0b352d553ea6bbdbeb16314ae89f1ed7f
SSDEEP

12288:7KBY7ncqQEkbs1ArHzvQ3AsFcr7UvYG83b1GCHTFR73e0:+EnLQoGKGAi3bfbTe0

Score

1^/10

Malware Config

Signatures

Files

26641e54b125a47b1691cabbb2c739ae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

3f:0d:f1:eb:d8:8f:b1:b9:4d:11:9c:ff:ac:6b:01:c9
Certificate

Issuer

CN={70166A21-2F6A-4CC0-822C-607696D8F4B7}

Not Before

19/04/2014, 03:47

Not After

19/04/2015, 09:47

Subject

CN={70166A21-2F6A-4CC0-822C-607696D8F4B7}

a3:2f:06:bb:02:73:89:0c:fb:24:1b:bf:14:4f:a7:03:d3:9b:89:11
Signer

Actual PE Digest

a3:2f:06:bb:02:73:89:0c:fb:24:1b:bf:14:4f:a7:03:d3:9b:89:11

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 668KB - Virtual size: 667KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

© 2018-2025

Terms | Privacy