eb1fabbf6b067d6c986e54c34bb0433a_JaffaCakes118 | Triage

Sharing

General

Target

eb1fabbf6b067d6c986e54c34bb0433a_JaffaCakes118
Size

819KB
MD5

eb1fabbf6b067d6c986e54c34bb0433a
SHA1

1c8747cdd74f834252b23dee2f2b610d89996f45
SHA256

24656728e652bde069bfe6a4a58c3602141597c50e374bc00b51266d366c8030
SHA512

5d162264a8cfa1f5b33400675af186163153d29964e361a102488149a57c50f68a0bf259fd69bb62fa6c1ff731d8be7d13d16c70b8833e37095ebdcc615454b1
SSDEEP

24576:Q2OoMMm5X5cAzQZBydMcYCC0wdW9o6MX4X/TChuh3MA:QFM6F8DXP0z9o644bCyMA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb1fabbf6b067d6c986e54c34bb0433a_JaffaCakes118

Files

eb1fabbf6b067d6c986e54c34bb0433a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

aa25a38e724f9a96e7c7322231c559ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue

Sections

Size: 129KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 836KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wcxhlhjx
Size: 620KB - Virtual size: 620KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mtndtxjk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE