2eb80537bd2405cf9f8815b42f3dee98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2eb80537bd2405cf9f8815b42f3dee98_JaffaCakes118
Size

185KB
MD5

2eb80537bd2405cf9f8815b42f3dee98
SHA1

8dff8e32999864d50873b04c106286cff76a4a8a
SHA256

0e80f38fc8f1cfb4b75463cc3d6a071c63c330817da5fd84444359e3c094853d
SHA512

a5bb6637a0e6ab515edec145720facc42bc0ac18fbd3c57c1505855627c0ecb909e2f62dfc6668771f048e59b95b3eba1932b9252093fd0b088d44e369f77565
SSDEEP

3072:9uIUcq2NjQ8y+aKzL5321klBPDn/m+tX1m9+H+:9zULiC+agL56k//m+tX1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eb80537bd2405cf9f8815b42f3dee98_JaffaCakes118

Files

2eb80537bd2405cf9f8815b42f3dee98_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01a8699f1eec25093a2b94893b9f380e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedCompareExchange
SetSystemPowerState
SetEnvironmentVariableW
GlobalHandle
SetThreadIdealProcessor
GlobalAlloc
GlobalReAlloc
GetLocaleInfoA
GetLastError
GetTickCount
GlobalLock
LocalAlloc
GetProcAddress
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException

Exports

Exports

BackupArchiveClass
BackupClean
BackupCursorWordArt
BackupGamma

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 798B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 74KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ