26073b39de3838805198a1ca11219763_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26073b39de3838805198a1ca11219763_JaffaCakes118
Size

96KB
MD5

26073b39de3838805198a1ca11219763
SHA1

759d25ac97206a653a9fe8cb7b3140b7e4109de4
SHA256

dd3f5ed8d012ce45685440e6bd5fcc1518ec9dfef10ef35e5339a157d82cf186
SHA512

bfb656cbf3962194c829d62047a3bf1aced32103cac7dc2ca3236b59dc80347e5f8af9f9ea5247ceb310807bba810cb2f6e8bb797205ac35978626e93f10b87d
SSDEEP

1536:Ad5+4l+DucO/AareWFBYDrFPE8mR7mLinWNqxiw+nYBt1:AdZJY+eWFaDrRE1R7m5Oiw3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26073b39de3838805198a1ca11219763_JaffaCakes118

Files

26073b39de3838805198a1ca11219763_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ade4d781a664ead9b841e4261bb84bb6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
CancelTimerQueueTimer
MapUserPhysicalPages
TransmitCommChar
GetCurrentProcess
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ