052dede159496a52761bccb336140e29_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

052dede159496a52761bccb336140e29_JaffaCakes118
Size

33KB
MD5

052dede159496a52761bccb336140e29
SHA1

d168dfb3f70cb4a416a9cfca58f5f918ba2564fb
SHA256

abfcfd055a8234b552be05302a4552540e50e324459f6d58932529af33018e6a
SHA512

379338da0b055374a421d136c6e12566abf28043a3cc45425a85533fb2cdc99401aeef90296f96f259746673f6a8d613cff5e0cf1c8a44f5ff09bc02e4b6366a
SSDEEP

768:WeZqj1szTFIIb99Qw+1gObohlQy9h/vR4sx3uf8Wkv:dZqj1sXqdRnoljpEEB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
052dede159496a52761bccb336140e29_JaffaCakes118

Files

052dede159496a52761bccb336140e29_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Hookoff
Hookon

Sections

CODE
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ