e297f9574f1829be82ba9181ccb39fdf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e297f9574f1829be82ba9181ccb39fdf_JaffaCakes118
Size

79KB
MD5

e297f9574f1829be82ba9181ccb39fdf
SHA1

bdf80988d0de4a02c5d4cf74abf54ea3ab723098
SHA256

725a0a3a3d68dd20c311130cbdbfe05da7fc5677c48a77383e6228412c5c6ddf
SHA512

bc44f70630bb882ebf4705bb3a830d633dbf00c7be7a656f158a5ba23683fc93ebe8c34e1ebe47a52bb045885520b6a2b2ea2e7ca2028c1b6635c659e134ed91
SSDEEP

768:UbTUltJhq7rgHAoBUzszDBcY8wgxRyQf/XgpadfXcO6lT8GxBJ8V0BPrjPgxKA5B:+QqZzsqYobwpKcMqrbgxKyIItc5NkNp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e297f9574f1829be82ba9181ccb39fdf_JaffaCakes118

Files

e297f9574f1829be82ba9181ccb39fdf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
InstallALLHook

Sections

CODE
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ