05a4673d44e83a7ff31f1d67679f0c5b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05a4673d44e83a7ff31f1d67679f0c5b_JaffaCakes118
Size

19KB
MD5

05a4673d44e83a7ff31f1d67679f0c5b
SHA1

13c29295720f18ec6390358683432b02888c3a78
SHA256

21bdd1de1120608f24c8e0cb37715ac62856e2f72c96359928486b2eec001895
SHA512

929d7dea3a1451a5e3fca93e091c69749cd7b5cea509b7c1bf6fabd01504337e197309d4bddd5ec87ff6e1d956c532abf0e452bbc77bf9abf5de11d0ab56e56e
SSDEEP

384:9PyZNjtU2mSEgj0pi8uN/ccP35gd6BchsjA5fzX3Y/dOx:VyZuHy/xgd6BchcAZX3Ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05a4673d44e83a7ff31f1d67679f0c5b_JaffaCakes118

Files

05a4673d44e83a7ff31f1d67679f0c5b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
a4e5b47ec457

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ