0159d2f6c5d67bc644f7048e9ca4bbff_JaffaCakes118 | Triage

Sharing

General

Target

0159d2f6c5d67bc644f7048e9ca4bbff_JaffaCakes118
Size

23KB
MD5

0159d2f6c5d67bc644f7048e9ca4bbff
SHA1

4fe8f9ce18191c798bcfacb5618c7b1cf0f175bc
SHA256

f796e1ecdc8806de7fe9f6d2f9e99db9cc651371ec698460d0013b83447d681f
SHA512

7ea35f1c1e7148be88f4b75f4a212f4b0bf2c6b986483961e22908a3e64c912bd540a1bb093e765cdf53a2dcbc629fdc4ad85f327efbb9619f83b0483a6362b3
SSDEEP

384:CyVlNjtU2eFMgUSNHFAfEo7NuBocta8sLIDvFhrzLhiDqEj17rTPFDzElFB6c:HVlD8m57NbcTSIjQDBlvF/ElFBV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0159d2f6c5d67bc644f7048e9ca4bbff_JaffaCakes118

Files

0159d2f6c5d67bc644f7048e9ca4bbff_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
fjj4u9fdjklf

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ