31c922f4f812c870aefc36289f623e09_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31c922f4f812c870aefc36289f623e09_JaffaCakes118
Size

73KB
MD5

31c922f4f812c870aefc36289f623e09
SHA1

788f984dd4c50a59884e27d134c10b5595510c77
SHA256

74f3085a12d35f280c4bdf8669d95cddd3661526422ce0361c1066abf8d099b5
SHA512

0c77f82e5156a9c045206d9c7c886ef68481137e9218e772e616bec8c8b3b1264a7e166e3b66c8472d9c95d5d42b3fd875fa373be12157cd61ae6d400d975e2a
SSDEEP

1536:pZIZqCTsWlG080IjesJMVxKOdNA2HqsH+hayXXpN:QnTNlG08JjPGVRHRHmayXXpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31c922f4f812c870aefc36289f623e09_JaffaCakes118

Files

31c922f4f812c870aefc36289f623e09_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
InstallHook

Sections

CODE
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ