f3430b792f5500f8d298faea5acf56f7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3430b792f5500f8d298faea5acf56f7_JaffaCakes118
Size

41KB
MD5

f3430b792f5500f8d298faea5acf56f7
SHA1

23956a98e2154978fc1f2195d0ab5e3db48b1367
SHA256

8cb39107a81c8fa8e397917b1c0d81ffe7fac29d2dee123bf6fa8a38fb64e477
SHA512

ceb14d117fc2d4f73de59424b386af9e23b37e8407e0e227f14a96f17d94bb4687d8f7a2bb5be68eb546ffaacb04ab30bd7dc636ae9a9e36dbf6943d38a3097a
SSDEEP

768:jV7qjE2wcA9kH4HiZw8aaCk3i+u4gGBvejImsae2JKQhSIgC4a3:R7qjEv904Hjvj+u4hesh9IgC73

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3430b792f5500f8d298faea5acf56f7_JaffaCakes118

Files

f3430b792f5500f8d298faea5acf56f7_JaffaCakes118
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

GetKey
GetReadMutex
HookProc
InstallHook
KeysAvailable
ReleaseReadMutex
RemoveHook

Sections

CODE
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 202B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ