000018a303d508e7b19ca52e7519ade2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

000018a303d508e7b19ca52e7519ade2_JaffaCakes118
Size

24KB
MD5

000018a303d508e7b19ca52e7519ade2
SHA1

e1874a534a8c3529f8ea6b4c5e60a3db3a4b8c93
SHA256

02d043ccb8cff8bfcfd7ec6bad7817ccd805623edb85dc7b929b919fad1af663
SHA512

5ac1300fd4f3313cdbf86fff4c9ae6a7858726664b38d0a597dcd6ae5eea4712fce27c22892b3a2ef3b5aa520c596c42ce6720166edd4b12110b9a748817aed2
SSDEEP

384:HdD9d6G4GSQQr/pfKL6fK7umdV5eyN1j6udn5zgNQkzDs9s:HOLAefaV5eyNx6uddgNdvsu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000018a303d508e7b19ca52e7519ade2_JaffaCakes118

Files

000018a303d508e7b19ca52e7519ade2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
fsd4534f5412

Sections

CODE
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ