05c301d90d60764f6c360d7e0cd2e1b6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05c301d90d60764f6c360d7e0cd2e1b6_JaffaCakes118
Size

51KB
MD5

05c301d90d60764f6c360d7e0cd2e1b6
SHA1

edc1ca8d60eb8cb593bc99964c0dfc91dcee4675
SHA256

3b8a7704070267a66d345939f39fc370632a6ec7e2250f1a03b0d27644d3f42b
SHA512

9caba8e728573034538c1b491496c72f5ed2b55bee1c9fa3ea32617c8a95eec7f5a7a16d7fab17f5277cb1d997d9ce422b96878b1aeb789b88e4898a44e2a08d
SSDEEP

768:e3niJquQHLdwNhlN2ouTSL9e2oinBDeKgq6T3iwX9V+r+E4Wt289xCWtK:e3iJquQrGBuj2oDZTywtVAfc89xCCK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c301d90d60764f6c360d7e0cd2e1b6_JaffaCakes118

Files

05c301d90d60764f6c360d7e0cd2e1b6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
InstallHook
StartHook
StopHook
UnHook

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ