75b0192bad4ab3b73879fc238877303c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75b0192bad4ab3b73879fc238877303c_JaffaCakes118
Size

89KB
MD5

75b0192bad4ab3b73879fc238877303c
SHA1

ed3326da4e84f855fe6f666b09d81254b4de14d3
SHA256

b5dc1cb5fc0669f6e74c058294f2a7c64fc86686678bb7350be0fd07f0f5a7e9
SHA512

9e02b70ef23c44810b5b19548dc34aea9e5137bd956d7432625de533dc21e48b2ed54a80845b390cec3e147f3aff41331b7427d22ccfcfaa3c667b9d7c5dded9
SSDEEP

1536:Vnqc+QqLCHQxYiGNJVsP3zJ1RAnjrkkVdLDXBxmXN1MTzh3M1MXN9TDzjTDzhy:wbLCwxYi0Jm/NQnjrkkj/2XUT93M1MX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75b0192bad4ab3b73879fc238877303c_JaffaCakes118

Files

75b0192bad4ab3b73879fc238877303c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHoo
StopHoo

Sections

CODE
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 87B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ