dedd55487b3df9f59f5937f547f8f065_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dedd55487b3df9f59f5937f547f8f065_JaffaCakes118
Size

45KB
MD5

dedd55487b3df9f59f5937f547f8f065
SHA1

fc286cb374f5e7be333fb714edae600daef9ec64
SHA256

bbb820b80eb6f53a9a178eb16c27289bbebd978b1c40f1d523a8b7a627b9fdb3
SHA512

c0a17420a1ef66017fdf337936608579d244c40339b7b7dc94e370e604c539bc76b940b8172a7142ab8a575caada27dc6320d50f84b5065b08d2030a9a104d7e
SSDEEP

768:4OJqkFXaVsziL+eV7oYRTNjxg1lJJN9f54x7L4QcNUfmEtQtXTH6yTqBF9te/:DJqOXaVsg+vyTXg1PJnG54FiGrGF9o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dedd55487b3df9f59f5937f547f8f065_JaffaCakes118

Files

dedd55487b3df9f59f5937f547f8f065_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DivxDecode
InitializeDivxDecoder
SetOutputFormat
UnInitializeDivxDecoder
hookoff
hookon

Sections

CODE
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 15KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 201B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ