00046a69eb5d410f824749c30077072d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00046a69eb5d410f824749c30077072d_JaffaCakes118
Size

514KB
MD5

00046a69eb5d410f824749c30077072d
SHA1

c97414ed0468a366707c18a50f918749052d714f
SHA256

e6898d511c07c1cdc462827292e6eb9bf294a69bbda465c64015ae3dec31d165
SHA512

55a3cc50a6ac19ed1d39b64f8bbb57a3eaaf589080e775d8bd32481b600a98f385668faa30aaa41e97181ea65fcd4488b84b66109e5a0ab039f268b86b7dca24
SSDEEP

384:bidD9d6GAamQ0TnrFguyTG8Ylc9qapl2w0KuydmjHaEKjGhUiz4IpcdQZj9g:uujXFguOZl2w0KqH4pC4Ipc46

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00046a69eb5d410f824749c30077072d_JaffaCakes118

Files

00046a69eb5d410f824749c30077072d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA

Sections

CODE
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ