76d5a9006deab7b21fb2c468e11d9be7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76d5a9006deab7b21fb2c468e11d9be7_JaffaCakes118
Size

78KB
MD5

76d5a9006deab7b21fb2c468e11d9be7
SHA1

f70ae9ed3b792295deaa1196b7f135c568cb1eb7
SHA256

8b8fe5f85d92d5c94b7fd8af9dca6167e8cb3427e59bb180ac66871fa2c02a69
SHA512

369a76c5872f3e2d192b4211b164c145d6bcbc9e585efb500dde79ef98463e530ba7dc93003ebff0d069a77ee23f5e97755afffd4c91631373637e8921693c76
SSDEEP

1536:z3qzQQUeqvIGcnlakXX0at+x+qDeG9R+tgbkYiuSfaBt:glUeqMBvMoM/sgbkYiuSfm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76d5a9006deab7b21fb2c468e11d9be7_JaffaCakes118

Files

76d5a9006deab7b21fb2c468e11d9be7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook2
StopHook2

Sections

CODE
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 90B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ