a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118
Size

15KB
MD5

a5fdf46de8f86d63a4ddee71a3a26ecc
SHA1

b84fe4726cebd6199d0b2bba23b617138f655e17
SHA256

196d9469a357c188f38c121a6ec5beab67a0e781736ca91d38f464c24c5fc90a
SHA512

38193cd68b4b557cf24acbec5f4e419cf8a522ab0f2f4cd3ef4c537e4608563937dd9b7aefd5c6026f97995ecfca818706dab3ba28bebcf030b74015512a9f8c
SSDEEP

384:FgZ1TuXGGho/lOPWy2bjUwUHUGA8keF9Wr+V6WztK52NDC:FpW3lOPWyYjUtHUGA8V2yYWQ52hC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118

Files

a5fdf46de8f86d63a4ddee71a3a26ecc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
HookVantiReadProcess

Sections

mian0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE