edab1f6163322d6461c62541694968f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edab1f6163322d6461c62541694968f8_JaffaCakes118
Size

74KB
MD5

edab1f6163322d6461c62541694968f8
SHA1

5c51b92f1523d406e99ea93d94a883ca504fd4ac
SHA256

280394f053b636ee4ff87798259455c8d3e843fced039a28ba57740b1c03ca14
SHA512

662b82415a9836f9feeb50adb3305d09b962a9b9e9546bace04a0a15b7ba943b4443c1fc9e1528f6349fcdfda34051b74f8613c03ec07f46c576ebe05fc7037e
SSDEEP

1536:BXzi6KsgTs2jvUotlNPbHqsCpB/6f+24SAXAQi35h7r0aQDO:BXWhxDjMAlVu0+vNwQqX0aQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edab1f6163322d6461c62541694968f8_JaffaCakes118

Files

edab1f6163322d6461c62541694968f8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CPlApplet

Sections

packerBY
Size: - Virtual size: 184KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bero^fr
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE