00176a6a891f85c84fe7842c61a0c8a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00176a6a891f85c84fe7842c61a0c8a9_JaffaCakes118
Size

516KB
MD5

00176a6a891f85c84fe7842c61a0c8a9
SHA1

6741019c113906cfaaabb5d7bade61364c09bedf
SHA256

4aa43f2baaddd9ab6a01d875b5527483590ec05d06c6fe661576defbdd4c4cfb
SHA512

ad76e1739ea6025fc14a2926cd6b7fb417e9066bf431c4dbc2f7b96a25aa81da7f788d8ae3a84005e56c2e4f2ef1ce0dd91613507e69dadced55a3624a2c609b
SSDEEP

384:rdD9d6G4q6gkfkfD1v1/1duaaVqnKya3WvTNkj8ycHE7uAzgI2NN8e/KSpvE:raDf21d6R0nKWvTq+FAgISNfVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00176a6a891f85c84fe7842c61a0c8a9_JaffaCakes118

Files

00176a6a891f85c84fe7842c61a0c8a9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ