b91c01dc687b2984ef4e4f1515ae3ee7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b91c01dc687b2984ef4e4f1515ae3ee7_JaffaCakes118
Size

20KB
MD5

b91c01dc687b2984ef4e4f1515ae3ee7
SHA1

3bd74815fd9c35977e61f8baa97b04fdf090d9f4
SHA256

a9122a3910802b1ead8d6f00a297f87e6b959550e7424dd86ececdb1184ff57e
SHA512

e90dc21022af40c52d6b753d72d5c0d2ffd2d58e9ffe36b95a842d4306c16ef99a6ef65ced7dd07efc8aeb234ba2ea44ba8e97b0604c3715a5e93d604a35673b
SSDEEP

384:gzcC4OhnJJM5GkJRGNEsBjYofnUUNWKnY8Kdb4:gzgOhJG5b3GNEslTcLOY8w4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b91c01dc687b2984ef4e4f1515ae3ee7_JaffaCakes118

Files

b91c01dc687b2984ef4e4f1515ae3ee7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a7b930af544d4bf7aff24e2ce9597aa9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
GetProcessVersion
CopyFileA
VirtualProtectEx
ExitProcess

user32

CharUpperA
CheckMenuItem
EmptyClipboard
DeferWindowPos

Exports

Exports

GetAqjmuji
ReadWluwlgj
CloseSgkleair
Nhdhvqrsnxg

Sections

.itext
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lrq1lr
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ