eb287317a8a294e6aeb8d86f41a81230_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eb287317a8a294e6aeb8d86f41a81230_JaffaCakes118
Size

59KB
MD5

eb287317a8a294e6aeb8d86f41a81230
SHA1

54c67dd1c4cc2999e3d8005f12d57542d954e9f7
SHA256

3b49a7fdd69833a99e4a5b791447743fbe13a2243ab86234d382658f21887f84
SHA512

f94f3125bf357cc6e5fdf3568f0c8ab50da0bd7266b3e8ed7568b58e403f263b03088169582a899199d5bb4a02558540a6e1bb7a94b723c7878fb35b0f395e2c
SSDEEP

1536:EwVykPVS0cIuXiw8msgh1PHiPPkjLrKdpR:EyPVSykt8vg/HiPae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb287317a8a294e6aeb8d86f41a81230_JaffaCakes118

Files

eb287317a8a294e6aeb8d86f41a81230_JaffaCakes118
.dll windows:4 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

Exports

Exports

CceDetectInputCode
CceGetAvailableEncodings
CceIsAvailableEncoding
CceStreamMultiByteToUnicode
CceStreamUnicodeToMultiByte
CceStringMultiByteToUnicode
CceStringUnicodeToMultiByte
DllMain
FetchMsEncodeDllVersion

Sections

.MPRESS1
Size: 54KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE