02f7271ffe405377f83deec0b2048ed8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02f7271ffe405377f83deec0b2048ed8_JaffaCakes118
Size

14KB
MD5

02f7271ffe405377f83deec0b2048ed8
SHA1

71ad941756c05fe1c27537f1794195689fcbd9f3
SHA256

4eab5c4365b5d0a4d3c1b50c25bd8a85a35b2441fdcac57c1d6a4594642c99ff
SHA512

50669879869acca1e795354807d8e0960ccd3e0e95d96c48e7fc57190c8739b67f544ed2b71497c1b314b35059d779c228e772c8a1f020a04ff5e112f49cbafb
SSDEEP

384:l1r5+v36XyDWhB4zl5TBi3mUwe7kN6GKRtVsdZermhmO:u3cwRvRU77kN6GitudMrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f7271ffe405377f83deec0b2048ed8_JaffaCakes118

Files

02f7271ffe405377f83deec0b2048ed8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
HookVantiReadProcess

Sections

mian0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE