4bc557fa85c81e5bbde631c8517a9abf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bc557fa85c81e5bbde631c8517a9abf_JaffaCakes118
Size

148KB
MD5

4bc557fa85c81e5bbde631c8517a9abf
SHA1

67187d416fc1b03a45e6e291ea5dacd0abed0684
SHA256

2feab1e4ef4d4d50dceeb22b641362549a83d6f8cea5faa5b58370d591a5b3d6
SHA512

89ad72b5eeb7b174219da817106e31fe2813be1c90b69d1dc0c84677d100b63fa1f2cd2849dbb0d806eb0c96c4b5c58fc6aaeafa210a12a7a140397a16a347ae
SSDEEP

3072:Tx73qAAdzsXxTR8oTLMvEAHwlsWtkHie1zPdHAINJ0a:xqAAdzpoTIrwGWUie1j6y/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bc557fa85c81e5bbde631c8517a9abf_JaffaCakes118

Files

4bc557fa85c81e5bbde631c8517a9abf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47b95eaa8a92898962a601a6fb44ee48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

JGS6EncodeBlock
JGS6EncodeBlockQuery
JGS6EncodeCreate
JGS6EncodeDestroy

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE