421fd029c666b2aa4b0a146d099c994c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421fd029c666b2aa4b0a146d099c994c_JaffaCakes118
Size

27KB
MD5

421fd029c666b2aa4b0a146d099c994c
SHA1

a35e95f957cc6ab83f29b38139dca5a49a45ba8a
SHA256

a09e596000fac022b43142baeac2c3537afcca4d3c5d647f9fa2de23156ebab7
SHA512

c4df520dcfe410351f9cc053d91289afcf5e0a6b03d37661ebc7b0468ba192d9b5711c970191a877911be0f595fac01bb48a6f388d918622742bddc64fd77254
SSDEEP

768:/KSQquzz0GQgrKbRg1woa5VkcZjWue5fEz7+Qwg:FQquzz0GQa1pGpjzUEzf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421fd029c666b2aa4b0a146d099c994c_JaffaCakes118

Files

421fd029c666b2aa4b0a146d099c994c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookOff
HookOn
StartHook

Sections

CODE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ