8579f37751a1728de5cd2dfe70c2c59e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8579f37751a1728de5cd2dfe70c2c59e_JaffaCakes118
Size

54KB
MD5

8579f37751a1728de5cd2dfe70c2c59e
SHA1

f5a4c6219fff4bc00a60edde7e7129bb4a673a13
SHA256

973ce7774c8a50123a6cf5a4152bf9b8d07433a12d462c8ef24d1be7b81890cb
SHA512

94e38aa78247b6c76a2e6fc97f71c6f05a60dd9e9085a4ae8b3b0a41cf67d15fa4193e284b484f673b4e1fc43dc9f0901f5aa7255d5f16caaad4ad28d9bd1c5e
SSDEEP

768:HMSZqeQJwfljj4p+vV90DMOql7k+VdtVfJ7uzzqCq4+tg8sUYGe8x:LZqeQkE9DMLPtVR7uziS8sUYGPx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8579f37751a1728de5cd2dfe70c2c59e_JaffaCakes118

Files

8579f37751a1728de5cd2dfe70c2c59e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
riOff
riOn

Sections

CODE
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ