cee16000e9725eed5516ecd34131de42_JaffaCakes118 | Triage

Sharing

General

Target

cee16000e9725eed5516ecd34131de42_JaffaCakes118
Size

1.4MB
MD5

cee16000e9725eed5516ecd34131de42
SHA1

8af25a6202edb6670f1439002198854e213c9cdc
SHA256

87dd0326d56db1030bf231d2d893127da7f47363da92d6368445b0863cf1f057
SHA512

de316d0a23f9b950d187e2da9f58be7613462ecedb78e1239e71cf78726228fef62b8136cdd4a7a5c3fbe0bd809e7b802add6310af51a15bce694a72fc1d7081
SSDEEP

12288:2K4UcbveZ3k+/T/C+I/KOSHCiPvGegnjjKvNJces+m1E88EnfYF:2/UcbWVCzNSiiGegfK1JR9m1E88gfQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cee16000e9725eed5516ecd34131de42_JaffaCakes118

Files

cee16000e9725eed5516ecd34131de42_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

APC��
RunDllHostCallBack
��
��
ȡ��

Sections

.text
Size: 704KB - Virtual size: 700KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ