f56b84a4b286088bafb5ec58247f7201_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f56b84a4b286088bafb5ec58247f7201_JaffaCakes118
Size

318KB
MD5

f56b84a4b286088bafb5ec58247f7201
SHA1

5875308a9bef0a49d91ba68d35909c100c9c8049
SHA256

2e9f7cb60407c46d9417199bff1d6d5d13c5d5b2adf500750415cb2901b074ea
SHA512

a7b146930b2af6d0e6e3f25a30798282c63fd48af114af3eab6c65068576a187e4e479643f522e785c614360340a088d0148cbc5cf874a33a447a473d28b0176
SSDEEP

6144:WXzwSgZV37iMbkQvM5un8/8grAxh8DzEDOB3Q5ksxFRl:dZh2MRUg3TxhuaO3Q5BfRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f56b84a4b286088bafb5ec58247f7201_JaffaCakes118

Files

f56b84a4b286088bafb5ec58247f7201_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

CKGetPluginInfo
CKGetPluginInfoCount
RegisterBehaviorDeclarations

Sections

.sforce3
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1016B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.start
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE