063955e8609d95d82e6aa14cbd320048_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

063955e8609d95d82e6aa14cbd320048_JaffaCakes118
Size

24KB
MD5

063955e8609d95d82e6aa14cbd320048
SHA1

1e63b9b85383206859f6dfeec60d2b60557d8025
SHA256

db85de28f30a1603afbb419b8be981c85b5850b0cbd19a202a5e1478abefe367
SHA512

a384e82a051eeceac0720875a01d3d3c0e307a28bf72c380c22c4c98148ec488e3c008e12961c3777279d386335834eed12f77f480f8023aa09c9104eca7c000
SSDEEP

384:6aUxz0C+Mgqd+1pqBQe+VItZFfVwid1LEXQS6Y1diroB5BAzNNEr:/RC+lqdSwBQhWDzwid1LZGQ1/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
063955e8609d95d82e6aa14cbd320048_JaffaCakes118

Files

063955e8609d95d82e6aa14cbd320048_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

start

Sections

CODE
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ