a29d56434c1449e9488cf803f6285425_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a29d56434c1449e9488cf803f6285425_JaffaCakes118
Size

33KB
MD5

a29d56434c1449e9488cf803f6285425
SHA1

fd7877ed86d07863a6c21a4ae4579e79d8178c62
SHA256

7534b08ec3e00474ce63dc13df683819970076a4da451e6cae2645c814fc6515
SHA512

69a74d11c190c7961f2db62312bfe87cb36ce32a6365de3e4601deef1a331307ec2bd25b8580b15e569b08117d980e08b119d2558fbf7cbb7d8b5bb408bc7bfe
SSDEEP

768:TeHqE1szXLkodKZ3i3HtaMB4n28RA27jGqtMq2ds5i0Ju6g5n:aHqE1sI3YTBonhtX2ds5i0IT5n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a29d56434c1449e9488cf803f6285425_JaffaCakes118

Files

a29d56434c1449e9488cf803f6285425_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Hookoff
Hookon

Sections

CODE
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 16KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ