a4ee0f4d3ad23e50c4a358cab43d8cbe_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4ee0f4d3ad23e50c4a358cab43d8cbe_JaffaCakes118
Size

41KB
MD5

a4ee0f4d3ad23e50c4a358cab43d8cbe
SHA1

d875f6c7c3f4e6edb031436e5759a3edff84382f
SHA256

bd49116abf36ddedf03cc925943310bbfcf88e3c01bb9c46e6260fe819cb4248
SHA512

08f5767138eab8cfd58930bb545a60232fa3e92b168fe54d4d3eae132c36b682fdde6eeb4c504ff003492cab196c70cb67e2c1982b415a3f339d93a224bb40c9
SSDEEP

768:9v+WqH1sztWgzMFb4KY1k+VQMkhhJLCwPaqH2NRswE1FgwhbF3HIr:kWqH1sJO8yjaC2NKH1Ff5E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4ee0f4d3ad23e50c4a358cab43d8cbe_JaffaCakes118

Files

a4ee0f4d3ad23e50c4a358cab43d8cbe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
Hookoff
Hookon
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ