77fd908592076ef7e9670489dadac138_JaffaCakes118

General

Target

77fd908592076ef7e9670489dadac138_JaffaCakes118
Size

249KB
MD5

77fd908592076ef7e9670489dadac138
SHA1

f9e207e775ad0a9822120b765a3fa0ce4357c438
SHA256

825afcbf75e49e815cdbd8935ae6935fd2629c825ea7026436b545b3361903e5
SHA512

6117004142c845384a6661c125c28b0767b039204a4d02e174efbe8587b176ca49537b933d76a1d64b41d15bd4bb6d121b51727c2ac73a458bc4f8fa67574e61
SSDEEP

3072:/JBORqVL4XCFmmXgSb11RNa30pxH+Pl1F9ma9GiRA4lbIWr9gdKL18leXtjGGI:/JQRaLXV300c1FY2Lbhu4tj8

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HookSocket/HookSocket.dll
unpack001/HookSocket/HookSocket.exe

Files

77fd908592076ef7e9670489dadac138_JaffaCakes118
.rar
HookSocket/HookSocket.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HookSocket/HookSocket.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 442KB - Virtual size: 442KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HookSocket/说明.txt

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

CODE Size: 89KB - Virtual size: 88KB

DATA Size: 4KB - Virtual size: 3KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.reloc Size: 5KB - Virtual size: 5KB

.rsrc Size: 5KB - Virtual size: 5KB

Headers

File Characteristics

Sections

CODE Size: 442KB - Virtual size: 442KB

DATA Size: 5KB - Virtual size: 4KB

BSS Size: - Virtual size: 3KB

.idata Size: 9KB - Virtual size: 8KB

.tls Size: - Virtual size: 16B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 33KB - Virtual size: 32KB

.rsrc Size: 41KB - Virtual size: 41KB

CODE
Size: 89KB - Virtual size: 88KB

DATA
Size: 4KB - Virtual size: 3KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.reloc
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 5KB - Virtual size: 5KB

CODE
Size: 442KB - Virtual size: 442KB

DATA
Size: 5KB - Virtual size: 4KB

BSS
Size: - Virtual size: 3KB

.idata
Size: 9KB - Virtual size: 8KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 33KB - Virtual size: 32KB

.rsrc
Size: 41KB - Virtual size: 41KB