f940f28a2252d00cbce461301796a880_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f940f28a2252d00cbce461301796a880_JaffaCakes118
Size

40KB
MD5

f940f28a2252d00cbce461301796a880
SHA1

22460970e31e131723a3ddbb446fad196c31cfdf
SHA256

c240db209912fb095d22fee810278b1fcc91b1c95d551a39e8107185eb8cd2ac
SHA512

de3609ffe210a0230af965ae6aaa0d764fa2f2aeedb89befac3fdd1cc1c9c4895199b71d0730955da1c4a6159995a0662d394de18f2d43a03b44ec9d32d69145
SSDEEP

384:Arn3x7AbxXTII6ya5BPZBAqedqF/FJhbHI5zjBiR0Z/qqr4gPXRD7WAA3jcoLnq:ArnhixxgnAdqFdgzjou1qYPPXB/A3x7q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f940f28a2252d00cbce461301796a880_JaffaCakes118

Files

f940f28a2252d00cbce461301796a880_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DriverProc
init
modMessage
modmCallback

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ