eec2e368204997e032f5b4db9a1536f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

eec2e368204997e032f5b4db9a1536f9_JaffaCakes118
Size

332KB
MD5

eec2e368204997e032f5b4db9a1536f9
SHA1

96327d9b6416848852aac3ada4e484addae237b9
SHA256

82f73ab8b680c7e77d5d2478a080d6e0309ef54d67cd11ad9336abc3eceed75a
SHA512

ec3508a66e881e7adfc965087e9716d94b9ff65f100538323e7f779e172474e7bc47d585a43f63b27a01e80f63709bfcaef1e15bf6103866dd8d6cc6944df1cb
SSDEEP

6144:3BQ7Bu1iCVXVYY7AVt8T+JCiQtCHm1WqAXcC9rovPyzr:3BQ7BqiCxiYkTCoHbxc8roCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eec2e368204997e032f5b4db9a1536f9_JaffaCakes118

Files

eec2e368204997e032f5b4db9a1536f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

381b7efe74f4f9b0dd95d5522651e330

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
GetLastError
ExitProcess
GetModuleHandleA
GetCommandLineA
GetTempPathA
VirtualLock
GetProcAddress
Sleep
VirtualAlloc

advapi32

CryptGenKey
CryptAcquireContextA

ole32

CoUninitialize

msvfw32

DrawDibTime

winmm

midiInClose

Sections

.text
Size: 4KB - Virtual size: 980B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 554KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ