3906d81fd2d50c14cb3ee8bf206810d6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3906d81fd2d50c14cb3ee8bf206810d6_JaffaCakes118
Size

73KB
MD5

3906d81fd2d50c14cb3ee8bf206810d6
SHA1

11d52350553f6d45b76b50a24a10af397a2fd67e
SHA256

f50abf6b3816cee9d2f3c716fe205f142a7976c5ceb3b7b1a3c45f8dcbcb9723
SHA512

01ad33c550cd7f0d5fdb633d40e3a16a8bcb093355e21fe4ed5e1e25c9173695a6a437c6862e05b27951742a3862b55e2defd458c14859197c24d274d050b462
SSDEEP

1536:dZKqeTs+dwWO6adI6ED2ZGjz5IIiFIxW0z6HRDHKxyZlJnN:YTlSWOlds2ZCEIB6HRDqxyjJnN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3906d81fd2d50c14cb3ee8bf206810d6_JaffaCakes118

Files

3906d81fd2d50c14cb3ee8bf206810d6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
InstallHook

Sections

CODE
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ