240c449235c7c742cf8cc6b0adf05e17_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

240c449235c7c742cf8cc6b0adf05e17_JaffaCakes118
Size

34KB
MD5

240c449235c7c742cf8cc6b0adf05e17
SHA1

df5022e8baaac455b40d6dc7fef2026c17277b3f
SHA256

157c327a878c1a59aa6794361a1fac6c5684f9c2c7143c629c38b1fa40af5c69
SHA512

954d480fdb5bbe1f3b706ac0395bad5321033ece3266e41288f93eb59ee242b06dae76bae26ad02c1333e565e5b1697d6e5e3598e4c5339883a1ac8aab4365ad
SSDEEP

384:gGszn7e8sWegCefQupYTj0R8BWzWNp7T8pbn+cqbPUVm8PoijAee2/06g9Ea4Qn5:gwWefS3GWSzWr3XVm8wSeRdkIK61dcu5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
240c449235c7c742cf8cc6b0adf05e17_JaffaCakes118

Files

240c449235c7c742cf8cc6b0adf05e17_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
StopHook

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ