PDB path: d:\workspace\rtkapo\sysfx\apo\RTKobj\i386\RtkAPO.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3f3edf9e92407d3892b3c738d42ae952_JaffaCakes118.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
3f3edf9e92407d3892b3c738d42ae952_JaffaCakes118.dll
Resource
win10v2004-20241007-en
General
-
Target
3f3edf9e92407d3892b3c738d42ae952_JaffaCakes118
-
Size
1.0MB
-
MD5
3f3edf9e92407d3892b3c738d42ae952
-
SHA1
6c7b262134aada4fd0e855dd54d8a555d77eb295
-
SHA256
b3c9ef49e813d9ac6d56808967ed75d556e2f7daa00eb5dfd9eaa344299112ec
-
SHA512
2d2b9aaec492c8e3d283884f98afb9834eaf51ab47653e6257303a769ebe7a06d0c081c0e413d4277ea7890b485f1d1d36fc45774d3be06eac13a022f2c20323
-
SSDEEP
24576:pHaG7Yzb7uJuOSsXz/ov6faP+LwPwtwbYhQ6obICIvo6:tBsfywOVMv6BwPwtwbYhQ6obICIvo6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Static check by the sandbox: the PE file carries no Authenticode signature.
resource 3f3edf9e92407d3892b3c738d42ae952_JaffaCakes118
Files
-
3f3edf9e92407d3892b3c738d42ae952_JaffaCakes118.dll windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
RT_CODE Size: 613KB - Virtual size: 613KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
PAGE Size: 512B - Virtual size: 482B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 277KB - Virtual size: 911KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RT_CONST Size: 13KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RT_DATA Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 80KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ