a792db7ec0fd7c4a0d6f7fc78b40898d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a792db7ec0fd7c4a0d6f7fc78b40898d_JaffaCakes118
Size

96KB
MD5

a792db7ec0fd7c4a0d6f7fc78b40898d
SHA1

2a1d3e8879b387442cfdc95a158efc5c2fc950f6
SHA256

cc8d20eb02469d4a3eefe4d018762aa69d7771e35e97f088ecac032bf373d907
SHA512

2d6eda593b2aa56b251525b5fdabc662f86cf7604ac30778da27f0da194b5752207ee130fc0b24bf81aff8de04de1e19e9af6c36ccedb42e2bcc0ce3e51c1115
SSDEEP

1536:QIyLDEWW7la239zqPcNdf1a81JffMWQcBscy/fS6FNShRU8oHqCD1bqFG/Arp:QIIIWPkfQg1fMUBsf/fSk44yCAQ/Arp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a792db7ec0fd7c4a0d6f7fc78b40898d_JaffaCakes118

Files

a792db7ec0fd7c4a0d6f7fc78b40898d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

@__lockDebuggerData$qv
@__unlockDebuggerData$qv
GetPrsFunc
__DebuggerHookData

Sections

mian0
Size: - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 95KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: 329B - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE