c00831b34e60d62bb5ac990b1878d177_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c00831b34e60d62bb5ac990b1878d177_JaffaCakes118
Size

140KB
MD5

c00831b34e60d62bb5ac990b1878d177
SHA1

be3e0c30943ab150dfc4fa0d3034bc6c82e6a0bc
SHA256

fc8616fb2756137770a91acf0a67c65cbdbaf479a81f0ccb90001e09d18e1d69
SHA512

c9e85ed186dcf0219481a18dc2e0c98eff277c552c2402deee61587bc341e68b9791f6c74a226d4c0c496fdfa83e4394c0782dd30bf9f87db8ba3b9f57b17b39
SSDEEP

3072:CsgwEvM3z0BQg/S3jSEUl+Welmef2Aze001gCm6+f0Ii0:Csge3wXCQefZCm6+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c00831b34e60d62bb5ac990b1878d177_JaffaCakes118

Files

c00831b34e60d62bb5ac990b1878d177_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InstallHook
UninstallHook

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 94B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ