0bab1c896ba7197ced951adf74909b80_JaffaCakes118 | Triage

Sharing

General

Target

0bab1c896ba7197ced951adf74909b80_JaffaCakes118
Size

65KB
MD5

0bab1c896ba7197ced951adf74909b80
SHA1

f46ddadea47631749913a4446c3ea9611a0614cd
SHA256

cea735f2d863b14665df44ec07c31c6b10a9e4718ccae59c8c3e019ed0ad40d3
SHA512

8474a3feea4ce541ae2a37d9e83091eaa86394f2d21b564c9a8e25493c7feb00b4f2776b92b9f3a273f6fd35af00e009068d59a43b628104ea651ab269e9bddc
SSDEEP

1536:DnqmQxIt2upSIN0Nfhkl8a5stUtR6l3TxzeKtB5:pAIt24Saz95ttR+xzeK7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bab1c896ba7197ced951adf74909b80_JaffaCakes118

Files

0bab1c896ba7197ced951adf74909b80_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

InstallHook

Sections

CODE
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 70B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ