03a8057d99d6d802355de20d41ad6bf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03a8057d99d6d802355de20d41ad6bf0_JaffaCakes118
Size

23KB
MD5

03a8057d99d6d802355de20d41ad6bf0
SHA1

69b9abb5ccc29a877188af68ef3899a47cf4db33
SHA256

8b4543cd6eafbbf44dd14fd93240a3d6284fae1b7ed47aebb88fab8e59e19094
SHA512

d1bd52121921dcf1b8c92dc91cb2543194a22bce5d42073a481f1f7a6b209c74b0e9d2b0b4e3522f0a2d1ea48bfde113d34f5078ac90bba467ae4175e362abca
SSDEEP

384:dwidD9d6GAn+4ev6QGaV75dt01AWf5BvsQbZBjLdoJv4uzxiQtSudwl:dl/C+R5T01J5tvjuO+xiQtQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03a8057d99d6d802355de20d41ad6bf0_JaffaCakes118

Files

03a8057d99d6d802355de20d41ad6bf0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skip3546Wall
UnHookWindow

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ