02113f291ee6e0dc613836fcf910ea4a_JaffaCakes118 | Triage

Sharing

General

Target

02113f291ee6e0dc613836fcf910ea4a_JaffaCakes118
Size

512KB
MD5

02113f291ee6e0dc613836fcf910ea4a
SHA1

c3ab3c52c59344b061b9f027afd68696df3ab04a
SHA256

2c0682c466ecbe04a72497d0543a8bca6497b608b72d5a47b9956d690ccef19f
SHA512

c770aca7950e441f60bc85dad61149bfaeb7cacd64d3c4c5ef092ab2b2699dc4755932a56b9f400ec44513a7b6eced11b9004a667dbc8a446e3dc25b7296df59
SSDEEP

384:VyVlNjtU2e6VYOtfcePYXMh+/wawsrYMnDeRXEso8i6at9VTTzE7Zqn55:IVlDt1YYJKY6eRG8i6aVvE7Z0T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02113f291ee6e0dc613836fcf910ea4a_JaffaCakes118

Files

02113f291ee6e0dc613836fcf910ea4a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA
GetTickCountB
GetTickCountC

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ