65068ffd116a9d9bb966041901d4bf31_JaffaCakes118

General

Target

65068ffd116a9d9bb966041901d4bf31_JaffaCakes118
Size

165KB
MD5

65068ffd116a9d9bb966041901d4bf31
SHA1

0eb58da552a9c6311e70647b70f69eed9bd7fc28
SHA256

1e61341e346150f793f3f8ba5ce5dd18889e687bc97bc434708be5af844de755
SHA512

3390c5c1cd049f6e3350201f552e469514a861cdacb0c15d26e70d0b2f1015ab533d79bc9c42cff598fadab70948974754b7daecdb5aef55821df253c2097f67
SSDEEP

3072:txf35Wb9UTlXvwyhdQXtvYTvlAkIPK4HHyWd1LI0d1LIB9d1LI9d1L:XhWpUTlfwnXtYTvlvIC4nZ1Lh1L61LIh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65068ffd116a9d9bb966041901d4bf31_JaffaCakes118

Files

65068ffd116a9d9bb966041901d4bf31_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

Configured
DebugIOCTL
DoDMA
GetDriver
ReadMemory
ReadMemoryBuffer
ReadMemoryF
ReadRegister
ReadRegisterBuffer
ReadRegisterF
WriteMemory
WriteMemoryBuffer
WriteMemoryF
WriteRegister
WriteRegisterBuffer
WriteRegisterF
___CPPdebugHook

Sections

peC
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

peC
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

peC
Size: 45KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

peC
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

peC
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

peC
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Exports

Exports

Sections

peC Size: 4KB - Virtual size: 4KB

peC Size: 3KB - Virtual size: 4KB

peC Size: 45KB - Virtual size: 64KB

peC Size: 2KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 4KB

peC Size: 4KB - Virtual size: 4KB

peC Size: 101KB - Virtual size: 104KB

peC
Size: 4KB - Virtual size: 4KB

peC
Size: 3KB - Virtual size: 4KB

peC
Size: 45KB - Virtual size: 64KB

peC
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 4KB

peC
Size: 4KB - Virtual size: 4KB

peC
Size: 101KB - Virtual size: 104KB