e2011e832760a0ca8f40e28054330421_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e2011e832760a0ca8f40e28054330421_JaffaCakes118
Size

27KB
MD5

e2011e832760a0ca8f40e28054330421
SHA1

4ef91e56a0285e24add89850772834260c728408
SHA256

936c53df6b962d8995e105f2c298010179394017459fbc9a45ccdaf911513b0b
SHA512

9a068bdc2940aac3754ccb8c0243cd06acaf9eb87a3116157ff1b283126ac702bfc3e3736d1c4e675a587ef8026b13da6c3e9b790b037c16614ff2bbb9570ae4
SSDEEP

384:3wAHxUShqujrBKnGQm9cD7vHj3URUE1PzMN+ocJA4IcuPRKw4GKNC63Az5UkAeZj:xKShquPB0GQJDLARU24x4IyNCt55bW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e2011e832760a0ca8f40e28054330421_JaffaCakes118

Files

e2011e832760a0ca8f40e28054330421_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookOff
HookOn
StartHook

Sections

CODE
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ