3c25d9647633ebf35033eb359201e5d9_JaffaCakes118 | Triage

Sharing

General

Target

3c25d9647633ebf35033eb359201e5d9_JaffaCakes118
Size

1.8MB
MD5

3c25d9647633ebf35033eb359201e5d9
SHA1

afcfd1a1700782757f4c65e790ce0a73943a97b0
SHA256

c6cfcc50c91315c4671b58cddcaa4a8c6b7cab06fcd7378bb8bfbb18a081cdb5
SHA512

a35e522a035a06c75a5f847446115d565d24b314b732f961dd023fe91a9e0996e98e8dbde76d4ba3c5df9a229aba5b7d48dcc6a60584b3fd605a6f05be477ff8
SSDEEP

24576:xThPTOaaBmRsO0Xnv046S+87c1R747m7YPpGVmDzBXVvszkd4VeFl5Z6NhYuJhri:N16BzhpGVAUzwt6NhhXMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c25d9647633ebf35033eb359201e5d9_JaffaCakes118

Files

3c25d9647633ebf35033eb359201e5d9_JaffaCakes118
.dll windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ