30e9394d9ff4080a2e4cff6ae6b41742_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30e9394d9ff4080a2e4cff6ae6b41742_JaffaCakes118
Size

492KB
MD5

30e9394d9ff4080a2e4cff6ae6b41742
SHA1

40bf874c97cad913add21eaf048941cb6275f5cb
SHA256

7185031d871514316d8686c3d58839e7e92d5469527da311fbed799c1bc40fb7
SHA512

22dd58e2655ec5a1fc0e6e00bb60d2dd933d97954f4a82c238ca52ad009a68c03ed29d22f688e8a861288a54ac6d5681172f30268eb1bc08006d67a01834871e
SSDEEP

6144:fZs0XNCevyH4JnfyF9d7johb9RDF/gGtY7qxic8EeoxCkK9zGTdWOTolGSl:O0XNCV4ZyF9QgMYWH/K9iTd7T+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30e9394d9ff4080a2e4cff6ae6b41742_JaffaCakes118

Files

30e9394d9ff4080a2e4cff6ae6b41742_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CPlApplet

Sections

Size: 380KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.petite
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE