b7db16339bf86c8d76132d3bc4251bf1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7db16339bf86c8d76132d3bc4251bf1_JaffaCakes118
Size

141KB
MD5

b7db16339bf86c8d76132d3bc4251bf1
SHA1

e89bd7af93acd5f9a1022ed49ab3fa4e687c07f5
SHA256

ca674be6129da15e08eed2ecc1283d743049ec34666680ac4858a1f32e1b2bca
SHA512

2d83f2b39d666c780171dd2e298c0b4eee456639b84687aa87b2bac69753fa5b38d160eecb778c279e1177b1ab80ad79cce6ff5f7d6bfd0233d060ff10156832
SSDEEP

3072:SGVKXUjTqyFcIXbB5nG9pDZl1zqHnvxNWYA3txBFCKe:SGVEODonNgxNW1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7db16339bf86c8d76132d3bc4251bf1_JaffaCakes118

Files

b7db16339bf86c8d76132d3bc4251bf1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

ImportNakoFunction
PluginInfo
PluginRequire
PluginVersion

Sections

CODE
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ