34a0fb58ea6dc0ad23f3ca5b3d8607b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34a0fb58ea6dc0ad23f3ca5b3d8607b0_JaffaCakes118
Size

58KB
MD5

34a0fb58ea6dc0ad23f3ca5b3d8607b0
SHA1

cbd5ea8b83e7e0cf7f94fe83d429d01055c48cc2
SHA256

42f3f5f2fe3fdc8ea85af4de0cf30875f65ef06ef091d5736e62f47c5ee2093b
SHA512

16be99b8d29caa828a30e51a758445588fc8fedb6a2aed5c75e239728fcdc5e7fb8f8eb423dc33ae484852a90104997b0d8f13211a10feb12dc73898c1324ddb
SSDEEP

768:OyIqVQZvwoDXGIahO41ueCCOUsVtDxeZw/TtKPrZu:5IqVQB/yISojUmEa/Ttu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34a0fb58ea6dc0ad23f3ca5b3d8607b0_JaffaCakes118

Files

34a0fb58ea6dc0ad23f3ca5b3d8607b0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHoo
StopHoo

Sections

CODE
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 212B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ