81ff38772bd8b4c5ee516b0b70f9fdef_JaffaCakes118 | Triage

Sharing

General

Target

81ff38772bd8b4c5ee516b0b70f9fdef_JaffaCakes118
Size

46KB
MD5

81ff38772bd8b4c5ee516b0b70f9fdef
SHA1

24a65524bc701a1d13070ab025c0df63317a2e1e
SHA256

14ed6cacecb5b57d44ae1b653abaf388bf5fb6006aa4e462077b2c709811ed5c
SHA512

63d94d195b8d772d945eeae35ed7a44aaf46b4558a61c06841122a6043e678a04a86982f1ca82c468a2989c0f2e9e33e2d2c5ba51724afc6817661407cb1db80
SSDEEP

768:fORqkFj9VszmLmUJjAFd+tZb9NyZXLnjj308M1SRcbzuzLjeS2NuKOYgIC7DQ6+X:mRqOj9VsMmNb+ZqZblMiVLTQgYZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81ff38772bd8b4c5ee516b0b70f9fdef_JaffaCakes118

Files

81ff38772bd8b4c5ee516b0b70f9fdef_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ