eb25e3366a430579487a90a887cd95db_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb25e3366a430579487a90a887cd95db_JaffaCakes118
Size

229KB
MD5

eb25e3366a430579487a90a887cd95db
SHA1

6634a434b4d484086ec85686cec6b290339b5818
SHA256

7961817ee62b5a957f145d062fe29986053d701b4d20d1c5ec720ee5fcfa8e15
SHA512

f8139a961932ea733f82ccda05e1db5283fed84a056816d7f46f7193434c27ac1e1cdcc2aa5f9b1c67374a8f329eadbbecd0f0df589ce1b7e39e5e2da9d96672
SSDEEP

6144:O2zCRmsRvPoit9eUFSVEeEOtzuWh168fcSKTp:O2zCR9TbFzeb1uWj68fde

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb25e3366a430579487a90a887cd95db_JaffaCakes118

Files

eb25e3366a430579487a90a887cd95db_JaffaCakes118
.dll windows:4 windows x86 arch:x86

514c4c1141c3d9d3dcedb42bddd01132

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushFileBuffers
GetCommandLineA
GetModuleHandleA
InitializeCriticalSection
ExitThread
SetEndOfFile
Sleep
SleepEx
lstrcpynA
MapViewOfFile
ExitProcess

user32

OemToCharA
CharToOemBuffA
MessageBoxA
DeleteMenu

advapi32

RegOpenKeyExA

Sections

.text
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 572KB

IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ