8e673f396700a34d13b69f9bbf2c78f4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e673f396700a34d13b69f9bbf2c78f4_JaffaCakes118
Size

49KB
MD5

8e673f396700a34d13b69f9bbf2c78f4
SHA1

10a65f6c7c8093fd3cc87fbccd33a7c19e086e41
SHA256

a4d3e046d2a207800cd19b26b452480e49f621bd296c34ee31bb6ac287d13446
SHA512

5270166c7dc23e8b9351f5aa31a56d860fc3317e4b443f98f1772af65c71dd00673de6c3438fb5569d48adc04d0cfc1d9979e44525f5d774f211723a631ec762
SSDEEP

768:syUqhmQIIsDmqnsicPkQIE6hYLS6CzlQbIExPTSwKq6779Jp9kT3i3lZ:rUqhmQrtf3PkQ3PLXCmbIK5Kq679ii

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e673f396700a34d13b69f9bbf2c78f4_JaffaCakes118

Files

8e673f396700a34d13b69f9bbf2c78f4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

WinOff2EX
WinStart2EX

Sections

CODE
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ