dd82fd4a98774500b858bb97a8845f4e_JaffaCakes118 | Triage

Sharing

General

Target

dd82fd4a98774500b858bb97a8845f4e_JaffaCakes118
Size

389KB
MD5

dd82fd4a98774500b858bb97a8845f4e
SHA1

db6d7400b34e312709d2ec9181683023f24128c2
SHA256

a4bd2679b4bf79f5523c7ba6f093be724748382c0b98ab544664ceafbb438716
SHA512

7b69d4955daec530c2acf9c12c55e2e696ef3e7e01dc324313d416fc6a7c4135c3112411a0a4af842d3649b4108b24027767ba4fd68ae0ac0375260950c95e20
SSDEEP

6144:P+wqxd9AkffXl9ZrvCaw/wIDoa0BKPrLa6O+z1UoftVgvcNuSHn4/10U98Kol:sd9jfPl9F8K0a6N2of1uK4/a28x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd82fd4a98774500b858bb97a8845f4e_JaffaCakes118

Files

dd82fd4a98774500b858bb97a8845f4e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Hook
UnHook

Sections

CODE
Size: 329KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 81B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ