95775841a4bc5c9f3b90a9912b1afb0a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

95775841a4bc5c9f3b90a9912b1afb0a_JaffaCakes118
Size

567KB
MD5

95775841a4bc5c9f3b90a9912b1afb0a
SHA1

0a605e358d70fb59a850184eb99d6c702662c46c
SHA256

418641da91a50f4da5d8d7427dec2a494a16cf44425a74993d430ce94d19086c
SHA512

6e571af0990e6d9d8c5fa1c2195de1bb374802095116e144876b5e2c19cc85745f0fd115adc0b4b03f7f0ca5e619345482da1b4107325bea58915ef58b2fbfaa
SSDEEP

12288:GRTg0d5cYUuGi36eG8VqLZvHsrZanaXt:G5g0+uGq6e9qL5H0a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95775841a4bc5c9f3b90a9912b1afb0a_JaffaCakes118

Files

95775841a4bc5c9f3b90a9912b1afb0a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

gozichu
gozijin

Sections

CODE
Size: 480KB - Virtual size: 479KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ