b6eae048d24c147325d41e6ad3b43cbb_JaffaCakes118 | Triage

Sharing

General

Target

b6eae048d24c147325d41e6ad3b43cbb_JaffaCakes118
Size

19KB
MD5

b6eae048d24c147325d41e6ad3b43cbb
SHA1

e8e3a5f4edda28b9659fc68794658f9d767c54c6
SHA256

809820abfd6bc5f765778144fd7e20a88e29ced982523f593c1c31049f87bc98
SHA512

cac3293b334cd802c8d05d0df9ad889818b991593297284599fa2e474e981a000391485b6687a7ba5b34317fe46d76c97d3c76c438893c25cfae27b5fe526ddc
SSDEEP

384:FtqeW/zOYY4YB0Prgtp15kAI3Aaj0nSjqZNL:FaLIz0u1NK+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6eae048d24c147325d41e6ad3b43cbb_JaffaCakes118

Files

b6eae048d24c147325d41e6ad3b43cbb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InstallHook
UninstallHook

Sections

CODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ