33338f1c56db0732662c423f2ff00ffc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33338f1c56db0732662c423f2ff00ffc_JaffaCakes118
Size

162KB
MD5

33338f1c56db0732662c423f2ff00ffc
SHA1

3e0579a438f6df60984757118447d30be8abdc7d
SHA256

bad9b8f68594670e2b9da24b01356b4baa1efee4bc3935f32e7de1b4e67c429f
SHA512

844bac501731e5bfe7110945ca606a53b31ccc41183500072eb5d072718fd91475df4e8e40445de515b5551a914977c086437c1e03a6a4ca8455aecf59a07cc2
SSDEEP

3072:J5e18ADiHdode5gFAk4R1gooXUI/r/sC30wdHm7+KVidCMhenGTKz2cqjHLv:J5WrDiC0in4Xep30wx6+KqMGTw2cqjrv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33338f1c56db0732662c423f2ff00ffc_JaffaCakes118

Files

33338f1c56db0732662c423f2ff00ffc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 185KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ