000283a4582edabc2a70b2b254a46c33_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

000283a4582edabc2a70b2b254a46c33_JaffaCakes118
Size

21KB
MD5

000283a4582edabc2a70b2b254a46c33
SHA1

9cc06ae6800e92bdcd9c8717c6c41b5277f2daad
SHA256

05068a87b2aa9bc11fba434883c4b69fe758551abe5a9b0959bad14d7f9a9414
SHA512

058b5e778ead08ffad0daea53b23305ee548c89c61ee666d3d7b0f5e592f2ee8f1d69a853a20bfce375f6848adcd6a5ba227964b89347fa20dfb14c7408b3a45
SSDEEP

384:WPyZNjtU2myEgOnyC0P0JMn8/bblAqBM75vjxZIfQSzXtgphYzY:WyZe6CZxnlhBoHyQSXtgzwY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
000283a4582edabc2a70b2b254a46c33_JaffaCakes118

Files

000283a4582edabc2a70b2b254a46c33_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skip3546Wall
UnHookWindow

Sections

CODE
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ