f7202f724dbfc1462fbca7ff25f69b35_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7202f724dbfc1462fbca7ff25f69b35_JaffaCakes118
Size

83KB
MD5

f7202f724dbfc1462fbca7ff25f69b35
SHA1

7868a5e7a88b9ad25cb2c7a0936df144d0a7d9c7
SHA256

11d5f3b62d1fac3ec281717a1182c7e35598de905496ab48e571d1e4374c5d78
SHA512

110caa31d952cc72ad693042f095186d548f7a5b71a6c3e04a71a928aefdc7a60eee186ab0e5deddb5ef0c90ab5e3d80548a958e5196e3e0c76c21d48d1f11f9
SSDEEP

768:6xCnAq2rFszzVjT95N3lulZOYh+qMSbd2PfGJuX55hJWUQqh4GjEJg29SSlt0Ga3:3Aq2rFsnD1PYh4ECGK5IHKYW29tlUqu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7202f724dbfc1462fbca7ff25f69b35_JaffaCakes118

Files

f7202f724dbfc1462fbca7ff25f69b35_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InstallALLHook

Sections

CODE
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 75B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ