820bfcd2447f3580d1a10da128f4304a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

820bfcd2447f3580d1a10da128f4304a_JaffaCakes118
Size

15KB
MD5

820bfcd2447f3580d1a10da128f4304a
SHA1

6452c0db15171be58f113babbe84ee6bf380b27e
SHA256

d0ceeb5e2da7fb85bc623e5d017061398100881c6b56c3c8cce9bf50c5ea0b87
SHA512

577ea05c7ba12c796764b3b81c74342eea2ff8b4bcda9460b06bb7211853f9dd29d01a9658251498c11c46952e6913f2658ce84eb2daa725429fbc0e6a0b699e
SSDEEP

384:Oq0Rtahz8BC9d2mLcyquqpFNWL6des2xRbNv+rK:OqrNAC9cu6FNzdmNmr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
820bfcd2447f3580d1a10da128f4304a_JaffaCakes118

Files

820bfcd2447f3580d1a10da128f4304a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
HookVantiReadProcess

Sections

mian0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE