ea5d3c0f9a6d995f2407ae633cfe8741_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea5d3c0f9a6d995f2407ae633cfe8741_JaffaCakes118
Size

168KB
MD5

ea5d3c0f9a6d995f2407ae633cfe8741
SHA1

70747d01f4eccca0eb81636f8838a6edf017ad2c
SHA256

69d8b451b224ed8acb8a8617ddcf45fb22c9c325c6d4385a3ddcd013e852f5d8
SHA512

8431eadaee0b3fe13a9f1ef2bcd31bbf43c3413707e594d3806505fe20368fae553bd144dc114e01759fcafd21681238dc3d7c4423aa58ee903027941cd275bc
SSDEEP

3072:KFVd8yZpwGD1et8m4XnmmZwIM6i96s2sV2mFiQrhKfeYTIk7H/w:KHdNZMt8m4W7grefrYfedkLw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea5d3c0f9a6d995f2407ae633cfe8741_JaffaCakes118

Files

ea5d3c0f9a6d995f2407ae633cfe8741_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47b95eaa8a92898962a601a6fb44ee48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

RtvEBlockQuery
RtvEDestroy
RtvEncodeBlock
RtvEncodeCreate

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 374B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE