35aba1f0acda93890d5c0f274b649915_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35aba1f0acda93890d5c0f274b649915_JaffaCakes118
Size

34KB
MD5

35aba1f0acda93890d5c0f274b649915
SHA1

77ea65dd925a8e9d4ba017a73d0330a3c6411bdd
SHA256

bc8cc3e9f24f1c074b36b4791c2c753ab9af06da637f84eb58bef44f8113c1b6
SHA512

52d4eee9d88f989276611172547bffe67f970dd65aa9cabbaad7144c5a7b8f6b371670234429db7d195244c7968c1524431798edc126d5bb95d29ecb41d37ecc
SSDEEP

384:DGAzn7e8sjegCdxF6bz6ubUIkJd7HrxED3Xy0Z/QKWHqjjA5x/06gG6sZ+E7kB8:DEjefs/4Jd7NGi02KWK+dp4FdD6tXB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35aba1f0acda93890d5c0f274b649915_JaffaCakes118

Files

35aba1f0acda93890d5c0f274b649915_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
StopHook

Sections

CODE
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ