a78117b066a5596337fdab2834d07188_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a78117b066a5596337fdab2834d07188_JaffaCakes118
Size

20KB
MD5

a78117b066a5596337fdab2834d07188
SHA1

9f7b199d90ddfeb8eeaea3336163fc2966d04fa9
SHA256

2dfd3eeb806c8152083070887c2c3d585dfb3d12dcfbe8e671b5578d9e266f15
SHA512

ad37629c33576e8f3a1a6d436dbeca8a86c2e33fcc8896b8fa923ff4e09a15af21a6ecb74e52590fbdf963fedde05f99f5af195c175e174384cfb86467ff903f
SSDEEP

384:iRdCyBLMqlWZmQ2fEdNuHX6LMNKDRFws+r3/jzkD:WCyKqlUmQQE+kU7L3k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a78117b066a5596337fdab2834d07188_JaffaCakes118

Files

a78117b066a5596337fdab2834d07188_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RecordSound
StartHook
StopHook
StopRecord

Sections

CODE
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ