44a921afa32875f9f1835dd260faf58d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

44a921afa32875f9f1835dd260faf58d_JaffaCakes118
Size

247KB
MD5

44a921afa32875f9f1835dd260faf58d
SHA1

9b09b4cab0341a913fd84a6d80c063e3e7755e78
SHA256

7e63673af1d89f55c0e6522aaa005cdbfbb098bc88005da5378680d132574bdc
SHA512

c8f6bb55ad4ac04ecedd6f857a4a2e6678ae5e53d76ab5f5ee348edbbab7d1fac9b302e7e137e897cc68486285752a91e52094acbea5fddfa04118554d46cd94
SSDEEP

3072:quQ2agu/bvumoLTmsKqvzBE72PT+QWjgMp04zzBZxZ9VPWuGaCcx2Hz8cabzArD1:quQxbvBAKCEiPT+7fxJ9OQx2cbEU0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
44a921afa32875f9f1835dd260faf58d_JaffaCakes118

Files

44a921afa32875f9f1835dd260faf58d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

NOD32Ioctl
NOD32_Deinit
NOD32_FreeMemory
NOD32_GetOption
NOD32_Init
NOD32_InitEx
NOD32_RegisterApi
NOD32_ScanA
NOD32_ScanW
NOD32_SetOption

Sections

CODE
Size: 238KB - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 999B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ