2f4347ee1381b25cc215a1aea25ac468_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2f4347ee1381b25cc215a1aea25ac468_JaffaCakes118
Size

148KB
MD5

2f4347ee1381b25cc215a1aea25ac468
SHA1

989ecf64f79f0d570961aa693abfff263494cc72
SHA256

7e84d5e2bf7195cc285c7630cfe29c45441646244e8a5a8f3bfda9bd33f7164f
SHA512

aed0138c30519a78160a12709cf82daeff47be9a9a7fe2fb63d92eb10d3a79c3327c4fe5e54466120c5c736dfe9e6b51ce0bf0558d32ea297bd5bb11b76d55a4
SSDEEP

3072:2x73qAAdzsZHEj6na+5voJgo5GfqKnmWvQusDDbB6AeE4d:EqAAdzEbna+68i4Qusb0XE4d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f4347ee1381b25cc215a1aea25ac468_JaffaCakes118

Files

2f4347ee1381b25cc215a1aea25ac468_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47b95eaa8a92898962a601a6fb44ee48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

JGS6EncodeBlock
JGS6EncodeBlockQuery
JGS6EncodeCreate
JGS6EncodeDestroy

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE