00039786b1d831ea76700b20e1074de0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00039786b1d831ea76700b20e1074de0_JaffaCakes118
Size

515KB
MD5

00039786b1d831ea76700b20e1074de0
SHA1

5b79ac14cea4e8f72b726718d8e0a5df94852dc5
SHA256

aa5fc6882a5ef5e8fee40c87d9fc10d13ac9b5dbbed91d1fece4e6ea622c9577
SHA512

d429921a59ab4145dca1fb26b0c805f3bf9bea58cfc5fd5acedd2bf72e4f3521883d22296964a407f6d5aee2f47e2cbcbfad907ba5da8ecbec92e21b026a61e7
SSDEEP

384:tLXTfb7njvr3zGudD9d6GaTfbnh8HDPLXXTfbnjvrYz/7HDPLXTfbnjvr3z/Suru:pDtPT/pxnKvSnF/X3R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00039786b1d831ea76700b20e1074de0_JaffaCakes118

Files

00039786b1d831ea76700b20e1074de0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA
GetTickCountB
GetTickCountC

Sections

CODE
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ