0101c817c866a47fc290b430dc0f1583_JaffaCakes118 | Triage

Sharing

General

Target

0101c817c866a47fc290b430dc0f1583_JaffaCakes118
Size

43KB
MD5

0101c817c866a47fc290b430dc0f1583
SHA1

442c247164eb63899a6e72eb659f10d69fc188ee
SHA256

cb5e26867c98f81e33816689921c0e94853324286087a8ee9178229539321edf
SHA512

595a165ddf47ae7a7402e793224aba2fd2434e952f5cfc711acab288c0d454c2628fb58257b98f2bebb5af8ef65453c40b815a2a90ab3a17b674a5949e6189ad
SSDEEP

768:Nv+5qD1szHOhbZRTNjW+LBwWmqMT0rNsObAUr1QhFb8C8aEG:05qD1sD2T5BSqNsApr6hFz8ah

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0101c817c866a47fc290b430dc0f1583_JaffaCakes118

Files

0101c817c866a47fc290b430dc0f1583_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ