0ce760b2951abb40e693e8fc946204f3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ce760b2951abb40e693e8fc946204f3_JaffaCakes118
Size

72KB
MD5

0ce760b2951abb40e693e8fc946204f3
SHA1

1fe478e4fb8dcc4a5f579f08d95b56d0a32cd4b2
SHA256

076b720683430afbd4bf92e2204efab726256beb7078f5ce360d65e16730be67
SHA512

2b928df65ef2ef2c9ad1b1a01808031c14d691fce1cf0a3be1a43f6e62ee0bf836b796e2c54cf3b4fffabd13f9710438a2a7e98da6424573f8e0e7cce7fd16f9
SSDEEP

1536:3uvHUcBFLIVAk75gUuUEoUBnTp2wE8KK:eccDLIavJp2wE4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce760b2951abb40e693e8fc946204f3_JaffaCakes118

Files

0ce760b2951abb40e693e8fc946204f3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8ae4b86caac7841109af25524232d266

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetThreadContext
VirtualProtect
FreeLibrary
GetCommandLineA
GetLastError
ExitThread
GetStartupInfoA

user32

PeekMessageW
PostThreadMessageA

Exports

Exports

Awxeterlsgs
Qknquyq

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA21
Size: 3KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e4355
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ