2d397ef74c083b208c903c0a94a0e28d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d397ef74c083b208c903c0a94a0e28d_JaffaCakes118
Size

41KB
MD5

2d397ef74c083b208c903c0a94a0e28d
SHA1

4d91d5f466ed10b2b55fb277033604e52329f930
SHA256

46aa21f20937228b0c1d5a8c333d4754b0ea3aa9566339b0d10488b3f7ea742d
SHA512

4e1f161d2fa9aea07f86c288a83381bb94445b0df08bc90b830ccc11522a05815957cd8c714b72590e4ea45fb80e2c171eee5957721018724aec9f5504f575e0
SSDEEP

768:bBnzf8FfNEN6W5EYV/FsrxenEF2ccdgZ5X75izyc9:Fnr8FfiLdpFkKG2y5Xxm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d397ef74c083b208c903c0a94a0e28d_JaffaCakes118

Files

2d397ef74c083b208c903c0a94a0e28d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook2
StopHook2

Sections

CODE
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ