0009b598bf82d57db0c2efec67cee8ec_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0009b598bf82d57db0c2efec67cee8ec_JaffaCakes118
Size

511KB
MD5

0009b598bf82d57db0c2efec67cee8ec
SHA1

b85e1033683a92d75f8ff6519c00d482930a807a
SHA256

4057329f9910f6abda0c1dbcfa8d62a54923bd8f248aaf4c12361f1d27508b95
SHA512

f1e19cd15bcf0a080a53dd018ee1a4e892717412343c58a99dbc70bd5181328bc51a00a7f48c1b6b40c752a6250343797453dfa528baef0ba5dcf2b9e5d1e52b
SSDEEP

384:IpdNjtU2OCu5fNFpHtsfsjlcJctq9jU/ovE87mTTlz6nU02jCi:IpdGVXNImtqJU/oy6nTLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0009b598bf82d57db0c2efec67cee8ec_JaffaCakes118

Files

0009b598bf82d57db0c2efec67cee8ec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA
GetTickCountB
GetTickCountC

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ