2672084a949600a55a965ef3b38dc01b_JaffaCakes118 | Triage

Sharing

General

Target

2672084a949600a55a965ef3b38dc01b_JaffaCakes118
Size

29KB
MD5

2672084a949600a55a965ef3b38dc01b
SHA1

e52154b0811ddce6ae4c092d3fdead6b90e89863
SHA256

3ce3ae1fb3e9b3d3e78333b7f4dc3f48b6075d4922047451ba63cb2c7c72799f
SHA512

82e53a8347f5e63e6cb4d6823dacb81894d1b42ba02f60ba77135347503dc7dcd987f6122bae68a6cabe00a3f9627784927c91c9bc1a6c603385240f24be646e
SSDEEP

768:H4GrR17+n1ez4qWZ/xvvHYeVxn2zxWmmETy02FS:HfzCn1hqe/xvRVB4xWeg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2672084a949600a55a965ef3b38dc01b_JaffaCakes118

Files

2672084a949600a55a965ef3b38dc01b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1ab51777bfe8717f0e66171283188471

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
CreateFileA
TransmitCommChar
VirtualProtectEx
ExitProcess

user32

ShowCaret
GetCaretBlinkTime

Exports

Exports

BeginSaabyhbo
Skaoaduiu
Cqedxxqp
SetDrnccssswd

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ldata
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ydata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ecode
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ