fe72cf5a622f7327d5ec33f3290cce34_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe72cf5a622f7327d5ec33f3290cce34_JaffaCakes118
Size

16KB
MD5

fe72cf5a622f7327d5ec33f3290cce34
SHA1

4aea04e296cfc0334b7eba3de79387abd6319e5d
SHA256

1fafd855df3d75878c0ea57cd1c7700ad0e6482e66024a0f109f64508ccdb804
SHA512

0de24ac8727788ad05b1ef62796cea8118b99c12c156202f39ef9e9d7cef6bb4f373fbc03af77da1d05b56c44dca3ed64dcec77a0a8e5ee26ef63ab75346abcc
SSDEEP

384:+TJ1SNGit22EwFRXItQk24S34fJK5oZ8oE0cxuDC:+SNBo21XKQk24CAJKOZ8dYC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe72cf5a622f7327d5ec33f3290cce34_JaffaCakes118

Files

fe72cf5a622f7327d5ec33f3290cce34_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

DllManagerReadProcess
HookVantiReadProcess

Sections

mian0
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mian2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE