f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118
Size

64KB
MD5

f01a15fe460441f57c56467ae0ff0a47
SHA1

db2a6d52f79e8b9f4ab2b9b6fce8ddbd0d49039b
SHA256

6a6bc3b8481c0eb9cf1903cdb0cc1299d08ccc972abde66f2a372cee08c67f16
SHA512

a15893ba57248601a2207609f3a2a680494c4071c906fe66af198bc845e65d80d177c8aaf71a2eb700aa5ad4b19d3ac7f4d0c4dc210176bd1b8adb45c24179f6
SSDEEP

384:+Sdz8pwh6g7UUkjva1o7Q9KaonyYWQZhBEVccw8U3lf6ard4bozZ8SKQrCXOrQPh:N8pw48jkjwKzyYWqQ0p6QKOrQsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118

Files

f01a15fe460441f57c56467ae0ff0a47_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
HookVantiReadProcess

Sections

mian0
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE