e91852b9ef57a057164c864598e9a891_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e91852b9ef57a057164c864598e9a891_JaffaCakes118
Size

45KB
MD5

e91852b9ef57a057164c864598e9a891
SHA1

820b72e801173ea341b22fca3b4b3ae671933cd9
SHA256

73e52e4fa7b27bc94fef4fef01527200be6d1c2050871ea5ed78fa6f900f4e8b
SHA512

daea97455fdb86dbf5bfb4255ad9a99984cb15bb0c9e09d2ee52c5791c134b003041fbf11cdd882ecca7258d71c9e8a3a1361fe81822d3150e04c0d080392fd3
SSDEEP

768:1S/MqQ9/NQ+g3uUM+YyW3ElDpdGqX42Dvkp6LAu:0/MqK/NQpoyW36L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e91852b9ef57a057164c864598e9a891_JaffaCakes118

Files

e91852b9ef57a057164c864598e9a891_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
StopHook

Sections

CODE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ