00058d21de316e47ca368039dd16f702_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00058d21de316e47ca368039dd16f702_JaffaCakes118
Size

21KB
MD5

00058d21de316e47ca368039dd16f702
SHA1

3526f7dfe659f75890d0b109ecc1f2ba7f9cc53a
SHA256

4978bede119d9ef4e9137907709cfc9a3741b2331a4c2d88f373a7fbca63658f
SHA512

6b71ce7ed780926007f41bb9128adb017196faa7cfed0d0a959066af8e88eeb96fe99c3aca583a52c2b7f09e95cdbc00bee9c60457e31e3bfbea7c59fe5fb505
SSDEEP

384:VkPyZNjtU2mvIGjiWGY1V1fJmOGmjmYzETeSRHuy7Lj:V0yZupi+hfA2jETrRL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00058d21de316e47ca368039dd16f702_JaffaCakes118

Files

00058d21de316e47ca368039dd16f702_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
f45678912000

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ