0019eb660c8286e1acb428420f2838ba_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0019eb660c8286e1acb428420f2838ba_JaffaCakes118
Size

23KB
MD5

0019eb660c8286e1acb428420f2838ba
SHA1

7115781dfb09ea8b61c979f771468da3a5265b04
SHA256

f2df1978464da75ac6366a077458df91f9a474870c7f624fd981c2ea1b6d4cfd
SHA512

d5f8c8d8b1d2841aba15e9e16fd8a4f2051bb6c865b5c05cac68ef4d3991120a1babbf9e04047a850cbd46f9a9957ef72750245cd6e0db036f659cd6e37caaa6
SSDEEP

384:EidD9d6GAm2QBzpWm38wbqZfRI2IrdajHZTwJEfdnvzEibg+ci:RK6teZ5I24d6HZTwmnbEibN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0019eb660c8286e1acb428420f2838ba_JaffaCakes118

Files

0019eb660c8286e1acb428420f2838ba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
a4e5b47ec457

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ