ce1b040bc0b5c7d1e4d79daa126e7c8a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ce1b040bc0b5c7d1e4d79daa126e7c8a_JaffaCakes118
Size

426KB
MD5

ce1b040bc0b5c7d1e4d79daa126e7c8a
SHA1

e084b47abd738c8641f82b0c6f1e4b744b64127a
SHA256

0246b3397f0cb0081ce1ce7d7fb4bd28db7eb8f6e8bf22f548e39db3ccdad2ad
SHA512

81299bd42ee0cd114eb796c422e7907ca17cbd764cc3e6aa59a1a0b1425ceb04f325a7d303df09971603bd3f5be53fa999cf0bd46a1f01f9c0398b0d8f180132
SSDEEP

6144:uhgwehBPEGsP3gkYnOz6tMmwYNs9W1H5hr7MM3agkGkrPvQ6ZvOH3D2IlOPSbYs6:gRenmyWE1H3rDUvvgHCIlbYx40T9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce1b040bc0b5c7d1e4d79daa126e7c8a_JaffaCakes118

Files

ce1b040bc0b5c7d1e4d79daa126e7c8a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

NOD32Ioctl
NOD32_Deinit
NOD32_FreeMemory
NOD32_GetOption
NOD32_Init
NOD32_InitEx
NOD32_RegisterApi
NOD32_ScanA
NOD32_ScanW
NOD32_SetOption

Sections

CODE
Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 1009B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ