021d93f496cadb450f0e638b890a262a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

021d93f496cadb450f0e638b890a262a_JaffaCakes118
Size

23KB
MD5

021d93f496cadb450f0e638b890a262a
SHA1

e4144dfbb0b004097b1e5069b772bb715400421f
SHA256

2ef1ca4f7473758320d3e7315056c4ec86ef9837c23212d7bde8e59bd169c578
SHA512

6a31fd38260d30a47fecf3597a771b5a5043a9594b17fe1ac77bb8d1efd9a36ee6a34f9748a10787ddd2a8da14baa4a6e95d6a441053e0a31d8aace249fbd240
SSDEEP

384:EqyVlNjtU2eGg45LouZJ8R2IEhQQ8RzNmG6GpJ1ELro0zEZ6bzxHcfV:iVlmiJJqPN7HpJcUUEZ6SV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
021d93f496cadb450f0e638b890a262a_JaffaCakes118

Files

021d93f496cadb450f0e638b890a262a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
aaaabbbbcccc

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ