dce1ec46577d02e5a4871bd43659118b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dce1ec46577d02e5a4871bd43659118b_JaffaCakes118
Size

26KB
MD5

dce1ec46577d02e5a4871bd43659118b
SHA1

9be75e2b24d3ef6d16192c4bc1ba54f28b2ad411
SHA256

41bc5e796163abf1791e10d613b378cbe8af541227168b0bf479d055d6bb31fe
SHA512

84dc61890c3ead82010e2cdc403e07f72d65b283034fb95850dbb40a9687cf0567f004813cbff407a31286f3c0bf9df4f24469b313be32b3d99de56080c0d1bc
SSDEEP

384:gWmjS01zBe2mjbMJlHCOIoE3X13HipPzcSLv9JC3IiS/40uHg2dX6kf9F4WBWy:5mTtBe2mnMJlUX45zrj31//eA2ZJj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dce1ec46577d02e5a4871bd43659118b_JaffaCakes118

Files

dce1ec46577d02e5a4871bd43659118b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9edd3afca358bf32ecc8866b7aa74775

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeResource
SetEndOfFile
WriteConsoleInputVDMA
lstrlen
WaitForDebugEvent
ReadConsoleW
SetConsoleCursorPosition
SetConsoleCursorMode
lstrcpyn
OpenMutexA
GlobalFix
FindResourceExW
GetStartupInfoW
PeekConsoleInputW
GetStartupInfoW
GetCommandLineA
ExitProcess
GetStartupInfoA

Exports

Exports

Fpgfembmy
Urngfhekygp
BeginRddhgqath
BeginFefbxatsa

Sections

.text
Size: 4KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.huvny
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE