26e0b8aca06620242d84f39f71a04376_JaffaCakes118 | Triage

Sharing

General

Target

26e0b8aca06620242d84f39f71a04376_JaffaCakes118
Size

251KB
MD5

26e0b8aca06620242d84f39f71a04376
SHA1

f8af2c3a5b19b59fdc998d3be8ff01bab3119292
SHA256

304901439ea40b53727d5c1368628ff66d9ad58ee773f55dd7b1ca15275fa8ca
SHA512

eb346ec4521257df1895e9919611336131bf5a2b6744ce8e7334a5810ba50c959c4a19244e07736b29f3b45b340e734dbcf9dc367e7ea9c56b6b15fed3c96a71
SSDEEP

6144:S26a5G/v1R0y3+uCwYzJzEn8GdatadMKvgUHd2yQY5G1P:S26a4nD0y3TY1zHbodMKvF92vj1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e0b8aca06620242d84f39f71a04376_JaffaCakes118

Files

26e0b8aca06620242d84f39f71a04376_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\kdglkrkjdfhslej\Documents\Visual Studio 2008\Projects\PRI\PRI\obj\Release\Cat.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ