001fd3235be88183155a51b9a8798b83_JaffaCakes118 | Triage

Sharing

General

Target

001fd3235be88183155a51b9a8798b83_JaffaCakes118
Size

22KB
MD5

001fd3235be88183155a51b9a8798b83
SHA1

3d613223ac8cab35719a7950c06cf41f2272f9c9
SHA256

e186610b264fdc2b409c0809dad7a682e0e38911d0e89b8cc4f685c447435c69
SHA512

9404d082dd79a74c84397cf3a43fcb0a10da715638012db93e38f1a17a07d89b9a6105d8a0e015d16cb4ac0499e3bda3bb014f81af5a8bef292eb6ec2e5db237
SSDEEP

384:HPyZNjtU2mPgALW/16DBvenap1KSgjp5BdhzxZVus2JNBmM:vyZWrWSve4K3DBdlxZVujBmM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
001fd3235be88183155a51b9a8798b83_JaffaCakes118

Files

001fd3235be88183155a51b9a8798b83_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFif45all
UnHookWindow

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ