c8ca68242c88bdc017df916e10ea649e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c8ca68242c88bdc017df916e10ea649e_JaffaCakes118
Size

140KB
MD5

c8ca68242c88bdc017df916e10ea649e
SHA1

313455e90db1a8e7b7757ce16e181c8eda0e8ca0
SHA256

15c5d504dd5db5562c9c98fe28a394920563d7cfddb023ba8aac5bc42fd513cc
SHA512

b57123364cedb1a3805be863545395502781a25abea454729dfcc4131fa1c8281604650676ffbb5d068ac513edda47f57ffb1715ed4fbbeb10d49234e0622ed5
SSDEEP

1536:7bucl73qA/IdWwqBMTCRVFhu9VVVVVVVVVVVVVVVVVVVVz2hkHhVVVVVVVVVVVVJ:7x73qAAdzsMeeV81kNda5RctqpSvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c8ca68242c88bdc017df916e10ea649e_JaffaCakes118

Files

c8ca68242c88bdc017df916e10ea649e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47b95eaa8a92898962a601a6fb44ee48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

JGS6EncodeBlock
JGS6EncodeBlockQuery
JGS6EncodeCreate
JGS6EncodeDestroy

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE