ff026cde5c9ab84ce669919b0a1ee4ac_JaffaCakes118 | Triage

Sharing

General

Target

ff026cde5c9ab84ce669919b0a1ee4ac_JaffaCakes118
Size

19KB
MD5

ff026cde5c9ab84ce669919b0a1ee4ac
SHA1

873438aa2998ed10752d867d4c36d49ec455a840
SHA256

b05a75e30a33d3bb175f081b5d1b85c183ae15d269ebe21112daed993c3050ff
SHA512

3b57e83f4165f2e1bab4cfe2fb52ad632002771c055bd6f1d58f739aacecbbf65547840dd235d0829fc91d51b7fe6b0073a99be8efa2e520c69b3d099e074eea
SSDEEP

192:A+GCiqlcNwHB1n5ZVZoEdQ9T4N4ty2WuRO7AV5VJsTNOagnxBmhPGFXX/NogTa4:wqlPhhfa9XtS7QVJsEagxBmhYrTa4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff026cde5c9ab84ce669919b0a1ee4ac_JaffaCakes118

Files

ff026cde5c9ab84ce669919b0a1ee4ac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

404cd78c7338cd6369b954014b2d4f22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
LoadLibraryA
FreeLibrary
VirtualProtect
ExitProcess

user32

CloseWindow
BringWindowToTop

Exports

Exports

BeginXgpgxmjyl
Xrljmrdlkej
WriteIcjdtbe
Cecpdgw

Sections

.text
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sec3
Size: 128B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ