5fe8f8290dbc828c14181e4e957bb983_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fe8f8290dbc828c14181e4e957bb983_JaffaCakes118
Size

69KB
MD5

5fe8f8290dbc828c14181e4e957bb983
SHA1

8819622acd46f21cc468f8be4df2fa7e5b559a49
SHA256

ad655ab787dc2a4d6e390c68599bd65697e49f92b584abf19e8c62d73d6f7b1d
SHA512

c56d696735c70aa6ac0bca0fdf4a3b01d0c7a12a0bcc265073ee359143096320c4a0e330aee656b5a043b6a5862a26d31c0f501b46fbf9249ba268c1a484af46
SSDEEP

768:7Swyjgm+lu6Unj/J/UJ7Xoc0aM+haxKvYx1F1m2294fcl+VOeUKWeyVMGHvIgDyS:7hyjw4ns0ZIaxKvYfFWUw+EeUggDOQlj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe8f8290dbc828c14181e4e957bb983_JaffaCakes118

Files

5fe8f8290dbc828c14181e4e957bb983_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook2
StopHook2

Sections

CODE
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ