00465fa2cdcfebf20a54779ed3945380_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00465fa2cdcfebf20a54779ed3945380_JaffaCakes118
Size

512KB
MD5

00465fa2cdcfebf20a54779ed3945380
SHA1

e66cd9f583a84ca9c71360ec1bf4729b75abba8b
SHA256

52ce359369a76be596275dc3f1e2959bf80cee316f30ad266d3e9471cda50331
SHA512

000ae9857cd30265c5b6e2ddaaae86828a9760aa9a584a5cdef10c7db574322268f5802eadcf68e77d2c5f924a2199cf4c5236bd78212cd86190561cef51389e
SSDEEP

384:jPyZNjtU2m654MLfyHuDo6OV07B5vvxrAyDdg12YYPJjK021ExvslAzXnyE2D+KU:LyZ3T2J67Bb8yDdgK9K02HqXnyEYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00465fa2cdcfebf20a54779ed3945380_JaffaCakes118

Files

00465fa2cdcfebf20a54779ed3945380_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA
GetTickCountB

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ