76327f9bb65237ffc6bccd4e306e35cd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76327f9bb65237ffc6bccd4e306e35cd_JaffaCakes118
Size

73KB
MD5

76327f9bb65237ffc6bccd4e306e35cd
SHA1

7dd0038d1b0fb0b1de936614055e6719313d100e
SHA256

d7889351ba733ffa9783f118c5549a53b15358aa9c22c7fd01e1d119f338213f
SHA512

c822515f4834134207399837c84ea6f8116effc4b72c6fa965ae286400308f8eaad01d96c68a48c1313e2c006febfc20928fd6cc0751b05bea5395bda8717b03
SSDEEP

1536:6Y9i6YC6+X1CKQRALRu//SnW+ZM9dus12TvJPOMb:6Yw6VFCKVRu//mrZ4us4TvJ7b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76327f9bb65237ffc6bccd4e306e35cd_JaffaCakes118

Files

76327f9bb65237ffc6bccd4e306e35cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook2
StopHook2

Sections

CODE
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ