fd789e14a999943b9417d2c2eefef43a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd789e14a999943b9417d2c2eefef43a_JaffaCakes118
Size

32KB
MD5

fd789e14a999943b9417d2c2eefef43a
SHA1

2aaec2690040637f7937b3f24e98169cdbcb10b9
SHA256

0c72ef8d5b23972b7f0d2bbfaba693b4c17d50d0a2ff8a62bd74c0ccf05d7368
SHA512

b03bb27a748561692cb1b05c3bbd7f9900f9b3e06d31aa7d2ca60cb54e16df77c79754272f283e819c2359f6ae0ff0e41a2526d7073ae4733601ee56d0378061
SSDEEP

96:WkgWjZFWnLHgt9ZpZalEpjB9Z6Zad18TRj:WuZknLAtOEpdsTR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd789e14a999943b9417d2c2eefef43a_JaffaCakes118

Files

fd789e14a999943b9417d2c2eefef43a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd3694cca18a81090dceacaaad4cfa39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
OpenProcess
VirtualProtect
EnterCriticalSection
SetLastError
LeaveCriticalSection

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
MessageBoxA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE