09813fae4c9aa58bb50f0bf3c0cc6b81_JaffaCakes118 | Triage

Sharing

General

Target

09813fae4c9aa58bb50f0bf3c0cc6b81_JaffaCakes118
Size

69KB
MD5

09813fae4c9aa58bb50f0bf3c0cc6b81
SHA1

16463c14e2ef1643b8d48d29e7a54e45d10f794b
SHA256

2d2830b307dff57a5f81ef60428c9f66359f4ceaf38fda57d35d4c09b3f712fc
SHA512

617cb903ecd28c2f396c691356d77dda3aeaf3e7e13232f4e6e1face9260950e8977eb463c17b403f7efe6b06b8eab54d873d8f179c5388468feca9e15f21cd7
SSDEEP

1536:f8m6CfR35kkE+fZr4krw5yTfHi60Di2/ZTvR9ihIsHlLYEqrQa9pj6:UmBfR35kkNZskrT7HijTvRfprQWj6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/eclgf222.exe

Files

09813fae4c9aa58bb50f0bf3c0cc6b81_JaffaCakes118
.zip
ECLiPSE.NFO
FILE_ID.DiZ
keygen.zip
.zip
ECLiPSE.NFO
FILE_ID.DiZ
eclgf222.exe
.exe windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Sections

.eclipse
Size: 20KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eclipse
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eclipse
Size: 2KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.eclipse
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE