953742498c2a363c62926bb8091bd2d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

953742498c2a363c62926bb8091bd2d0_JaffaCakes118
Size

42KB
MD5

953742498c2a363c62926bb8091bd2d0
SHA1

27fe69591be813c3bb9a45ec74f176c5736e2b0d
SHA256

07d6424c10729172274a026f8ed647f9657ed28fa93bf9718fa2ab3d72d7010b
SHA512

c6c4873585132e19213a372a2c56651f1d5c677e3dcc5a6125be9cf655d7c80ea27bb6e34c9fd875bc0539c38e3f77f7818f94a61aeb2cf738cc0d01eb4299a2
SSDEEP

768:1v+5qD1szHOhbZRTNjE35jSsE9kO7H7erBRKYVYRYjlGN8hcUZR7:M5qD1sD2Tm3wfPDlmlGqcUL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
953742498c2a363c62926bb8091bd2d0_JaffaCakes118

Files

953742498c2a363c62926bb8091bd2d0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ