850d4edc83f30454316275ef4fcd0745_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

850d4edc83f30454316275ef4fcd0745_JaffaCakes118
Size

38KB
MD5

850d4edc83f30454316275ef4fcd0745
SHA1

413560579cdebf0d22faa8b74b3080a6089b9d42
SHA256

947525aa3ffefdf8a042e605027429b0cc1cb828f23cc65409c3ef36ba9042d6
SHA512

026ae1d72e9fae4444a9f9ecb9a5994ae378e690fd35fe64b466d55e699ab4f853530a0cf45186c3aa19065dc92a66b2ca7cd667cabb52cb420796ce4698a909
SSDEEP

768:RyIqvQQcGrYUfQ1m1eusQUNNl2NY97olt/iWrj5Jn05i:IIqvQGrBnU447mAOm0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
850d4edc83f30454316275ef4fcd0745_JaffaCakes118

Files

850d4edc83f30454316275ef4fcd0745_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
StopHook

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 544B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 89B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ