2e44667a400f383575a5cbe50be96fe3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e44667a400f383575a5cbe50be96fe3_JaffaCakes118
Size

77KB
MD5

2e44667a400f383575a5cbe50be96fe3
SHA1

842c6e4e48f2e7974bbf1dd29fb7c9fe93b19720
SHA256

c3a3cbc8fc6fddc553c5095a01dcb05b8d06b5410048694d6750106be3da64ce
SHA512

a912b9771029bd29f8b568d8435b8fe7e96fd0ff43b1339f730d8ce617895bdd4d3ac70b9775930fa68f136c46f36a171851023e8c90a2fa9cc0788a0548eaca
SSDEEP

1536:ku5a3CePB2Pd7Ffe7p26IhosELbnnTlFCre+HP3j4O:4RJOd7F4bgPQzGVP3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e44667a400f383575a5cbe50be96fe3_JaffaCakes118

Files

2e44667a400f383575a5cbe50be96fe3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetModuleDescriptor

Sections

.sforce3
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 268B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 864B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.start
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brick
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE