df1ba6c409a27552973be1fd46c9fd59_JaffaCakes118 | Triage

Sharing

General

Target

df1ba6c409a27552973be1fd46c9fd59_JaffaCakes118
Size

41KB
MD5

df1ba6c409a27552973be1fd46c9fd59
SHA1

5c0db04dc13eaec2167ae571f9d8514c22c78890
SHA256

a3382b20eddfa0994c7ddd483bccf95a30057fd9e2a97a97b0dc607a91ec2103
SHA512

f8398556887a99ab24fa786d1652f06824d6d76e1dc8e8efdb1609c53b8a6e1b823bf343ec435e7bd489469d7b55a5daf2738407d09173d387b941d4a6c00526
SSDEEP

768:Cv+WqH1sztWgzMFb4AWl/ARb+ydrbMJQ1nyMKCJFMY6PeI:zWqH1sJOQ/AYurbMOydCsPB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df1ba6c409a27552973be1fd46c9fd59_JaffaCakes118

Files

df1ba6c409a27552973be1fd46c9fd59_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
Hookoff
Hookon
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder

Sections

CODE
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 19KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ