6035df9cbd9ee443f3263cc8d8a9195d_JaffaCakes118 | Triage

Sharing

General

Target

6035df9cbd9ee443f3263cc8d8a9195d_JaffaCakes118
Size

53KB
MD5

6035df9cbd9ee443f3263cc8d8a9195d
SHA1

10dbc88356d51c8736a4c48246671b60967bc1f0
SHA256

e7135aa6d25f261e39f1789b7e16eb74e9ff2b8aed14e1f0967e46eb83cefed8
SHA512

18b82c2488b44f0a319d1d0957d5c288d7cba893ac5e68465ffb54f273d1dc1eea5d74cf76a6f0ac81ec0b0a792e71a94451fd2e1a12651818ef837b0a2f48bb
SSDEEP

1536:73ioqjQppEi9nA3p0xzAIjzZMrQvpn6eO:6opExmsIjzZMUB6eO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6035df9cbd9ee443f3263cc8d8a9195d_JaffaCakes118

Files

6035df9cbd9ee443f3263cc8d8a9195d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetPluginInfo
GetPluginResult
GetPluginRun
PluginFunc
PluginStop

Sections

.MaskPE
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.MaskPE
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ