b7cfc5664e1761c6a87b39c5f7405caf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7cfc5664e1761c6a87b39c5f7405caf_JaffaCakes118
Size

43KB
MD5

b7cfc5664e1761c6a87b39c5f7405caf
SHA1

27ab1fc5d70b381d980f06f56a8772e4cf58e959
SHA256

5bc4cfc9b80f1661dee1ec1d157d81f304c145a5b5353f4d7a65b217d9bd595b
SHA512

b695961ff0d0111ef022bbfc81788a360da6bb0004673c57d26f442f041aaea398f85897c648c56fa2316ac3c29a0678e147c2f3ca12f34fd9f370ed70850034
SSDEEP

768:lv+5qD1szHOhbZRTNj/SAPjz80erk9lkglIGS9VemHOY6n1HwLU:85qD1sD2TjH39eWSHem+1d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7cfc5664e1761c6a87b39c5f7405caf_JaffaCakes118

Files

b7cfc5664e1761c6a87b39c5f7405caf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ