06df8d8827a32fa129a92518b965857e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06df8d8827a32fa129a92518b965857e_JaffaCakes118
Size

16KB
MD5

06df8d8827a32fa129a92518b965857e
SHA1

e221dcf24645a005973a4ceb1a60d4d9ab94426d
SHA256

c5b1ff1fed020bf241da799ad5b94e33973d19ab0062a7d8e2767508277885aa
SHA512

9e14a18e967f74595439f44d680e8207ab48120e9792d5fd911106d3b65d57bf3bd23c3f812f76d33f9753ab25d516503320b13a61189d6b9d15fa3513a76cc8
SSDEEP

384:i96Oi3lnluMkNEiJIMj0VHEViTzeSTZpLUhehC:iZiVnmI8K60eSlpwhehC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06df8d8827a32fa129a92518b965857e_JaffaCakes118

Files

06df8d8827a32fa129a92518b965857e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow

Sections

CODE
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ