deefc6a2e32f2f52ccd34dfa1c7fd4ef_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deefc6a2e32f2f52ccd34dfa1c7fd4ef_JaffaCakes118
Size

676KB
MD5

deefc6a2e32f2f52ccd34dfa1c7fd4ef
SHA1

970da011c45269c099c58a4b23f84ee56142cdac
SHA256

5402ba5b4ae9aff5e44fd12ecc313ecddf398d25ab262fd0f5fafd92c734b8d8
SHA512

822ed16bfeb15eb8e1acd96b2960ee731dd542cc9e0da706ef96749f93e9399711ca4ff43aabf379e12bb04039700ae29f23994058167cfdc6fc34dda2c76eb7
SSDEEP

12288:b7lVo88nknDa++69Awnbb1/8G9BCwLx8e1uo5WfRbB1UasKt002:bpVoiDa+/9NnbuG9B6e1HWNUaHx2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deefc6a2e32f2f52ccd34dfa1c7fd4ef_JaffaCakes118

Files

deefc6a2e32f2f52ccd34dfa1c7fd4ef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5320c32fa5b92d40af26784d8a06b50a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rsaenh

CPDecrypt
CPEncrypt
CPCreateHash
CPDeriveKey

kernel32

GetCurrentThreadId
LoadLibraryW
WriteConsoleA
GetShortPathNameW
CloseHandle
HeapAlloc
VirtualAlloc
OpenFileMappingW
CreateSemaphoreW
LoadLibraryA
CreateProcessA
OpenMutexW
lstrcmp
FindClose

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ydata
Size: 660KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ