e05bf80a0a228e9889bb2a1300eab8aa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e05bf80a0a228e9889bb2a1300eab8aa_JaffaCakes118
Size

35KB
MD5

e05bf80a0a228e9889bb2a1300eab8aa
SHA1

979645ee9717bc091a8037fe16123594ecc77f2c
SHA256

47aea73f5c55ec6dfa12da1f617bbd9fff67152c46bf34f9a4e9409796ca37d3
SHA512

fa927229ac869e93d68835a7756b778cb514e06d4ce7ee0659b824bb6f1675bec0f9bdb3f03e47e62cc8b0520f927e8b8d000a049f1110521699e3d739a1359d
SSDEEP

768:ek6s4kq+INxRBYLwXX0I3uAhv8AlRZLNaaqK1FDTEHiZ:ek6FNxR+LSE/AW4PLxdjEHiZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e05bf80a0a228e9889bb2a1300eab8aa_JaffaCakes118

Files

e05bf80a0a228e9889bb2a1300eab8aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

404cd78c7338cd6369b954014b2d4f22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
BringWindowToTop

Exports

Exports

ReadBtgbnvbecin
Ajpmlolrt
Dtbwwvgy

Sections

.text
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec3
Size: 128B - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ