3b4316885a1695fef4466fee23d7f95f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b4316885a1695fef4466fee23d7f95f_JaffaCakes118
Size

1.2MB
MD5

3b4316885a1695fef4466fee23d7f95f
SHA1

9a67be8f874ff341782e1027f496d88da50782ed
SHA256

be5b5d3d38b9c5d2000eda94d64c1e4fd24832dcaab97ff93f4c5447ec98776c
SHA512

ebc724723d8b006140e69372d737e8e97727b6732119defa9fb89a5761f142032ee760cfe548453d196683bac104404a85feb41bdf5c52e7a49d4e7a244385e2
SSDEEP

24576:7noJIdoSz4YerM5WPvcUKrvfYuWmQfknq3W4nOGAeaEDaSBpWa:LW64q86mW4BFBBU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b4316885a1695fef4466fee23d7f95f_JaffaCakes118

Files

3b4316885a1695fef4466fee23d7f95f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EncryptPE_Init

Sections

.text
Size: 940KB - Virtual size: 940KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 97KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ