37d63f18e51d0893db9cc75957fd75f8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37d63f18e51d0893db9cc75957fd75f8_JaffaCakes118
Size

343KB
MD5

37d63f18e51d0893db9cc75957fd75f8
SHA1

d31756d555f7ccf3cb4fab592da864145d439682
SHA256

92c5dc6ae087f6ed99640100ee37e937775cf91f7c5407baf9e0065842b59f0e
SHA512

6d57774a7ee939f91056f25b891c5202bd8c0407581d6f33412527cbc458f9f23a57d848c2983a962ef01539847b5bd31e931c30c2fa188aeb5a4e8d529221e0
SSDEEP

6144:LsekXvOJZLt5nc//////iUrH8v9sqM78yuV121DwvUjuFopicmWXzKLyS8cCdTbz:Y5v4ZHc//////ikqM78yg21djuFoRm2J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37d63f18e51d0893db9cc75957fd75f8_JaffaCakes118

Files

37d63f18e51d0893db9cc75957fd75f8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetInterface
madTraceProcess

Sections

CODE
Size: 296KB - Virtual size: 295KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ