214153b85ca6d8f9b6802f39cd88bad3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

214153b85ca6d8f9b6802f39cd88bad3_JaffaCakes118
Size

820KB
MD5

214153b85ca6d8f9b6802f39cd88bad3
SHA1

86374dc521f89ed2fcc7e9702ecf85cfdc75d00d
SHA256

edc313cb6aae561e7ca195ac8eece66b6f40b2d24cee738a86f38dc004cf7cba
SHA512

15b960e1edab47437395b00176fc1fb999017de8031a310fae3a01290b33eed1272fe6d2c83bdafcc700999b651520e7aea2476a08a113a2e37f84f3a17066a7
SSDEEP

24576:x9IHu2onVtE/LilhFYmUfVP+mtllhApLXTI5NH2:x9IH7onVdh/vmtllhAgW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
214153b85ca6d8f9b6802f39cd88bad3_JaffaCakes118

Files

214153b85ca6d8f9b6802f39cd88bad3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EndHook
StartHook

Sections

Size: 37KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 767KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE