2446cdececcdc0ff472feba3b16888ab_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2446cdececcdc0ff472feba3b16888ab_JaffaCakes118
Size

168KB
MD5

2446cdececcdc0ff472feba3b16888ab
SHA1

1699dcc179dfb7d933f46a7ea8c465b96b7047ba
SHA256

04c5d2b45844258a07efc6e46412a97155181c76795bd2f131f75dabee4c8b6e
SHA512

74e7d9b3579fd24c9820cb26cc6146ee5dc0166456b3b2ba970a436ad605e666ab048024c0cf7228f5e00b20aa23ce7eae59e5ac19d21daf479d1464d8245b62
SSDEEP

3072:E61Ye3TaEu2CoCcn3zO7A4D8XHA182N4R0rPWcIZ+Y8mh/Al:1Ta12CoCckAe8w8Q4iPWtZ+Y8wol

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2446cdececcdc0ff472feba3b16888ab_JaffaCakes118

Files

2446cdececcdc0ff472feba3b16888ab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

346d60e37a38da26b7d234c6530424cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_initterm
_adjust_fdiv
malloc
memmove
free

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FreeLibrary
SetErrorMode
LoadLibraryA
GetProcAddress

Exports

Exports

JgedCreate
JgedDestroy
JgedDisableComponent
JgedDuplicate
JgedEnableComponent
JgedProcess
JgedSetOption
JgedStart

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 678B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE