ea0c8ebb750c3f73abdc9ff842ffbc9e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea0c8ebb750c3f73abdc9ff842ffbc9e_JaffaCakes118
Size

63KB
MD5

ea0c8ebb750c3f73abdc9ff842ffbc9e
SHA1

daddfb2fe57d680f5869dba1042c25cede75c7c7
SHA256

97f5f1a75ce2783bf7892cea0d68171902f4bf0a9a103890f2438bd183321ee4
SHA512

0af0789346c13df1a0bdf45fcc2f6bc9d62ed244c2ad104ea41533c3652edeb0cdc7b01df2a2d60a6fe8b4853ea2ede90be1d6788b5d9b97213fe2791e971d6f
SSDEEP

1536:NSqA2oZBpFIOgnoo73BoPRALylKo4O89:N6fZXRQqZx4O89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea0c8ebb750c3f73abdc9ff842ffbc9e_JaffaCakes118

Files

ea0c8ebb750c3f73abdc9ff842ffbc9e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

404cd78c7338cd6369b954014b2d4f22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
BringWindowToTop

Exports

Exports

InitRvvbqggjpmf
Upglgbx

Sections

.text
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec3
Size: 128B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ