859509d95e0fdae218ec1f11c0bae719_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

859509d95e0fdae218ec1f11c0bae719_JaffaCakes118
Size

46KB
MD5

859509d95e0fdae218ec1f11c0bae719
SHA1

d9e1d14a4663c1c48666d2de99254ac573937853
SHA256

14efb9a14f349f6915aab842d483ed1bb46daef654a8e4a3d9ba6ca6d83f83d7
SHA512

91a87677dad0fc3d253a8dbda825dbc95a24a79e45215aa174d4887fcc755c42392f1fbddee627e0ca443f7496df7ce9ca80bcad7148b235cf2aef1f33b3014a
SSDEEP

768:0ORqkFj9VszmLmUJjAFd+tZqJr0OKTN6VtKFXDjNzHMz+QByTqOsgs:fRqOj9VsMmNb+ZGKTmuXDxC+Wkpw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
859509d95e0fdae218ec1f11c0bae719_JaffaCakes118

Files

859509d95e0fdae218ec1f11c0bae719_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ