331f17a56365c997b37414bd200d9c9a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

331f17a56365c997b37414bd200d9c9a_JaffaCakes118
Size

366KB
MD5

331f17a56365c997b37414bd200d9c9a
SHA1

45d12c93cd8243b16ad338d56af5e4e393f0dd03
SHA256

e8d326424fdbe92fa69e7f799b29a50ab4351e4798e972f765f8d6f35129b054
SHA512

2cd98ef34a32e8f94ce59cd027e007f50f9cdc8a4c4f3a938bcdf537b1a8a09a9bc78ef925c0da4ab055dca40eecbeb7f0d9bc41ff3774e2cddfa8f6e448af62
SSDEEP

6144:T5EUkck1Uw6TunlPGoaBYjaeVml9xFd+IjDdmiv42LXtO2hVI:CnckujCETeQRFd+Udmird32

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
331f17a56365c997b37414bd200d9c9a_JaffaCakes118

Files

331f17a56365c997b37414bd200d9c9a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookOff
HookOn

Sections

CODE
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ