a6630a7c9e537bd6e902422cdc0cd806_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a6630a7c9e537bd6e902422cdc0cd806_JaffaCakes118
Size

25KB
MD5

a6630a7c9e537bd6e902422cdc0cd806
SHA1

d959319b27604d25606943add00e2b7512a6d58e
SHA256

8dffcf6178f1f7a4aa94fc04f85b393ac27f7ccd348efa4b445802463d4dfde2
SHA512

003dfb0bf8e77db0c45ed3b3ab8a39541f65c7282e8dfc1771d7e6195766b9303308515a412f2f841dbe00ef5c7eadbf7a30d74a09a93415ef9eede7d7af619e
SSDEEP

384:vTVxz0C9Y3qd+12DQygTMiwJgoeoVhf1cmrZU7RvVTaPZysiAPgjm:AC9mqdScQ/TUneqf1nZU7RUbK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a6630a7c9e537bd6e902422cdc0cd806_JaffaCakes118

Files

a6630a7c9e537bd6e902422cdc0cd806_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookOff
HookOn

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ