f97dc56feecdf3c39912d71a9e4c7d04_JaffaCakes118 | Triage

Sharing

General

Target

f97dc56feecdf3c39912d71a9e4c7d04_JaffaCakes118
Size

104KB
MD5

f97dc56feecdf3c39912d71a9e4c7d04
SHA1

c5b3efab3c165cbad4f5d89adaa0c6cb7e78e9f1
SHA256

c2b2f5bd441bb01fc3fede8aca3af969ce95840170accfb83be34310ba5ae329
SHA512

cacf435be6649c988a531ee302ef838fae46f9128947fa18a4bc6646f1858417065dd36f6aae21844e1b06e12acb64857703cf93a667e227702817dd6282f31a
SSDEEP

3072:4x73qAAdzsMOQABZHLoar/qdkw6I6BmO0vEb:KqAAdzp2Dr+6B90vEb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97dc56feecdf3c39912d71a9e4c7d04_JaffaCakes118

Files

f97dc56feecdf3c39912d71a9e4c7d04_JaffaCakes118
.dll windows:4 windows x86 arch:x86

47b95eaa8a92898962a601a6fb44ee48

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
free
malloc
_initterm

kernel32

DisableThreadLibraryCalls

Exports

Exports

JGS6EncodeBlock
JGS6EncodeBlockQuery
JGS6EncodeCreate
JGS6EncodeDestroy

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE