871d05f852ca0a8c9b3693200f4acc94_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

871d05f852ca0a8c9b3693200f4acc94_JaffaCakes118
Size

13KB
MD5

871d05f852ca0a8c9b3693200f4acc94
SHA1

31ace1c4a05d9926b32df0f738e7a2974bd6a31e
SHA256

deea8b8501e764506b1e82fa22ae127e688099cc84dbfdb017ac28c40e7cb872
SHA512

b0dc16e533dadfd8569298f431123ce64523dbcc71a66ce7364e7af15df537e5929053febc40ae6b0c99adf38b5246156d9d115a188901f5943feee12b202c1b
SSDEEP

96:nPI4WiJu8aFwiFtih01Rl532eJWahK4oDImBxkyr0tJGc9CQ:ndW0u8/Jh0Dl532eJWao4i/lyGcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
871d05f852ca0a8c9b3693200f4acc94_JaffaCakes118

Files

871d05f852ca0a8c9b3693200f4acc94_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

CreateHook
DeleteHook

Sections

CODE
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 329B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 748B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ