6ee1a4e6446784a3d3c0771daef3377a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ee1a4e6446784a3d3c0771daef3377a_JaffaCakes118
Size

40KB
MD5

6ee1a4e6446784a3d3c0771daef3377a
SHA1

dc255fea0da61011a0718b6fb3a258ac860fdd61
SHA256

2b529a966ce667017216a7bac9bf63e8179f09c3ccd0aa76f6453cbf58ccd598
SHA512

3d8af5dbc72c764ccf76c0e2bcad6413f02d3fad65dc16340546f7b809f8ec7efb1ca628b86adb64f33f4b6a912a137c8703ad8b4691ce178e50f4b56ec499ce
SSDEEP

768:We3JoyLOXZg1ItKPWNCEoe8bCDNKb9lBi9bVsd9tpF2GU:zoyKpg1ItKebNDobyW9tSf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ee1a4e6446784a3d3c0771daef3377a_JaffaCakes118

Files

6ee1a4e6446784a3d3c0771daef3377a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

404cd78c7338cd6369b954014b2d4f22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
BringWindowToTop

Exports

Exports

BeginYtcfqxcfclo
Wxvnvcbr

Sections

.text
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec2
Size: 128B - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ