0005b514b5312b58c9b4f21c39129989_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0005b514b5312b58c9b4f21c39129989_JaffaCakes118
Size

23KB
MD5

0005b514b5312b58c9b4f21c39129989
SHA1

d7ca8c12489e63652cd3aaf9ce24f90a9974fb1a
SHA256

83c4d7cad504a8e89c03495eb6f46e50f5f6bf8acbb80a16d73bbcd50cc6d747
SHA512

2bc4f7e98cb038653596d73d079613acb0869e094b28d1d123130880e8ec89e1a2ad67fb44e56fff8b49032fd19894a1b2284d5fcc5c43d1a878f0e8f660b000
SSDEEP

384:hSdD9d6GoOi45LPBOVlR0Eh9HwMgGDdd6mop+ELuWzEZKBCK7KH:wGiP/X2ddnopjumEZKkRH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0005b514b5312b58c9b4f21c39129989_JaffaCakes118

Files

0005b514b5312b58c9b4f21c39129989_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
aaaabbbbcccc

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ