e0c19c3c95ecc9adba8c44e74166587a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0c19c3c95ecc9adba8c44e74166587a_JaffaCakes118
Size

91KB
MD5

e0c19c3c95ecc9adba8c44e74166587a
SHA1

a3a6b81c3fc34735361e194e298384998045ada8
SHA256

1dc987a62e978ba7ec7450c4fcdfd5d772412e444eab8fa881969f27fa60109d
SHA512

0ee01eec738e8f8e089dfe3e677300074d1e64e9197c4cc2a95f645810cc9b28c7d6c30fdfe94087b4250eb521335be2f20514900519001f18ad53b9a1c32f3a
SSDEEP

1536:pGBd4I+Q/cqOfuH+7tuoH78DAHHy80DGjGr6c7l3PlG6gsOiGSQu1ka6K9YNHATn:pGD4e74ue7RQDAHSrG6mKp8SYNHsn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0c19c3c95ecc9adba8c44e74166587a_JaffaCakes118

Files

e0c19c3c95ecc9adba8c44e74166587a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

df1387544d755e8316253f86622e47df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
VirtualProtect
GetModuleHandleA
ExitProcess
SetConsoleScreenBufferSize
GetStartupInfoA
GetModuleFileNameA

advapi32

GetTokenInformation
ReadEventLogA

Exports

Exports

Vkabeeyqo
Taahnwpc
InitChgqdwxcieb
CloseGxsmhtt

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ldata2
Size: 16B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enull
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ