3bb89838271ac021d4efbdb50edb3d8d_JaffaCakes118 | Triage

Sharing

General

Target

3bb89838271ac021d4efbdb50edb3d8d_JaffaCakes118
Size

19KB
MD5

3bb89838271ac021d4efbdb50edb3d8d
SHA1

4808ae48c1f0d3b024315cbaf2c8a15a673de60f
SHA256

682be94226e8aedc35f76647ed2eb896c1f301b6970e806524d1e277548137b0
SHA512

09fba915d53c5f0e578c4c18c09737e48e268a3ce60373887d8f86b66ff7139f1fce27cfd8764598c17f18c4c9ff5281ca8569accb8e7498129c85ec2166391a
SSDEEP

384:EC2vDw4zB7YVb3TExYNoqVbZAFTPzHwKfILKwdNKHDs:p28SQ3TlTVbZqPzQKQLlNF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3bb89838271ac021d4efbdb50edb3d8d_JaffaCakes118

Files

3bb89838271ac021d4efbdb50edb3d8d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

ttpGetSoundAddIn

Sections

.nsp0
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp2
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE