396900c33c2a28a2aee1ab1c78d5d191_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

396900c33c2a28a2aee1ab1c78d5d191_JaffaCakes118
Size

176KB
MD5

396900c33c2a28a2aee1ab1c78d5d191
SHA1

02f539b7e4eeb2a00e5010aa24413e12e3ded2ae
SHA256

ee6d751b0467fa290d22697af7b0d055acef4bf8c6c30490e27bd0f553224d6e
SHA512

34db1ef0cc26a2086e1d72680f5f228b42a2012302f6063d6252fab42c1a2ecb0a07ebde59837b6cf177e769d1650708523eb28b3b6ed371551dec1fc1466dde
SSDEEP

3072:IfxEBhtY1/Lz3aqI4YpEI7qW2PtR9eu/KARqBezuMsa9R1+pn1eK06YtTJI7XUh:iWg/LeqFYaI7qHVaRwqBeuAP10lShh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
396900c33c2a28a2aee1ab1c78d5d191_JaffaCakes118

Files

396900c33c2a28a2aee1ab1c78d5d191_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

@@Apihook@Finalize
@@Apihook@Initialize
___CPPdebugHook

Sections

.nsp0
Size: - Virtual size: 500KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 175KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE