69a7554539d26bd5d0a3c5527b5787de_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69a7554539d26bd5d0a3c5527b5787de_JaffaCakes118
Size

46KB
MD5

69a7554539d26bd5d0a3c5527b5787de
SHA1

c5fd0bafe476b8067cfe3177dc49ba80400d064e
SHA256

0ccbca83b4d9fe54fad1eaec528c4128f5032463e52d5fdf19889f7a69d42f1f
SHA512

d83b20096a562f6e8a89a39e95582fb37b19e64a17c47e55ce22bd7855783c18abff02233aaff92aaa3600f2d0af91d56ff1a04fa173ac5233ec333c7c11b273
SSDEEP

768:cORqkFj9VszmLmUJjAFd+6FuPL6TNbRMpg0kkXNqpLV48a21TqCxKJ0H69:nRqOj9VsMmNbnNTt4QkEfmINxKWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69a7554539d26bd5d0a3c5527b5787de_JaffaCakes118

Files

69a7554539d26bd5d0a3c5527b5787de_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ