07eb6bbdb61a06b4488dad3b4538c87b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07eb6bbdb61a06b4488dad3b4538c87b_JaffaCakes118
Size

1.0MB
MD5

07eb6bbdb61a06b4488dad3b4538c87b
SHA1

5f8db245cd3d82b3808680c4ad71632096b20908
SHA256

854e523319eecbe9fe0da25382fe8e3115f319e351f52571ea7e0e714314da68
SHA512

c45d884c2bf82e023bacc0035bb596a88f57e625a097459b10ccdbf6b6415b9b0d9f0dbb1b27da1e25c8a973109b9adb7e776a8efc7a83ccd6c382df4651e4ac
SSDEEP

24576:Ji9aCivcFGIXDAJXKLT0TizF+cVC6NWjD8qZBlQO4569Gg:JidiE4IXDAJ49Vzcs5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07eb6bbdb61a06b4488dad3b4538c87b_JaffaCakes118

Files

07eb6bbdb61a06b4488dad3b4538c87b_JaffaCakes118
.exe windows:5 windows x86 arch:x86

54518b1ee120c76a21c00cb255fe4e69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadContext
VirtualProtect
FreeLibrary
GetCommandLineA
GetCommandLineW
ExitThread
GetStartupInfoA

user32

PeekMessageA
SendMessageCallbackA

Exports

Exports

WriteDjjccmscdy
IsLwmmqlucv

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA21
Size: 3KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 1004KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e4355
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ