87275a822e79a4c033ec42738f135172_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87275a822e79a4c033ec42738f135172_JaffaCakes118
Size

37KB
MD5

87275a822e79a4c033ec42738f135172
SHA1

497993d4a0cf8a6d3b1498542b8a803095695e4a
SHA256

05917c81972c689130114d56249f9d76d565ad51e304feefcf6a0705beeb2bb9
SHA512

bd102b8dd7903cb55a1603fe21aa6e1340ffb0ccaeea80e44c07f2a7b137654da877b9d5f0a0875c3f1eabfbd0e8211a323ceb2f0eeec16f6b4d4e2afd3d2064
SSDEEP

768:zjuuqqoVsz6zfrrWk68XVlxMvbe19cfnSwhw3vXAxuXe7UzoOm:G5qoVsg68X/Ee16fSwkXzu7UzoOm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87275a822e79a4c033ec42738f135172_JaffaCakes118

Files

87275a822e79a4c033ec42738f135172_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Hookoff
ppp

Sections

CODE
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 85B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ