10e09a66ccbf9ac755abc92a27cdb72c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10e09a66ccbf9ac755abc92a27cdb72c_JaffaCakes118
Size

83KB
MD5

10e09a66ccbf9ac755abc92a27cdb72c
SHA1

f460bf8574529089586744880fe26ace69fef223
SHA256

19be871066034c2142e9f9bd40fd5b16fca4d449f425dd4b47011148f159d4dc
SHA512

64c72ecd36d2fc72ff7d9ac838d2abccf01628585b70f92badca87514e9f9ff06dee708a26c6bc94ad525c7faee851397fe29f037a628d788a4c71922e5460b1
SSDEEP

1536:hYs+Y2z8ZInAWZXugEjWZn0TYJVpspkdsHrOsQCuvAH4Vjwph6Ufn+iVeQicUNLo:hYse4uXxugEjWZn0wpRsHrSxwzd/+eim

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10e09a66ccbf9ac755abc92a27cdb72c_JaffaCakes118

Files

10e09a66ccbf9ac755abc92a27cdb72c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dba9612cc9f3e7ecd55d82d7753b973

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
MoveFileExA
VirtualProtectEx
ExitProcess

user32

CharUpperA
CheckMenuItem
EmptyClipboard
DeferWindowPos

Exports

Exports

Mjadcvt
SetRyufrinbsa

Sections

.itext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lrq2lr
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lrq1lr
Size: 74KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

KK
Size: 512B - Virtual size: 520B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE