EnHookWindow
Static task
static1
Behavioral task
behavioral1
Sample
0251dfbb3d48c91754793020d55071da_JaffaCakes118.dll
Resource
win7-20240508-en
General
Target
0251dfbb3d48c91754793020d55071da_JaffaCakes118
Size
175KB
MD5
0251dfbb3d48c91754793020d55071da
SHA1
6fb7dc87fb465f67d73e7ff59c5fc49e2754721a
SHA256
1e5c19bcb04b9e214a589c34b53270cbc9ecfd3688f8413829d66b339ad909e3
SHA512
23f7584e1210e429b6c20fb6cb2e00043231df47accd42f0fc0b56739f2ac64fa3f1d6fae3d2fdb3d6d83266ff321c758cc7339a9d4857e89e4674eb57356187
SSDEEP
384:VpdNjtU2OSuRc7JPr1zo/1Vnk1bVcQIJJVvkvReIB2zgqHqLp:VpdT/Y2Vc7Jy1BGgqKL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0251dfbb3d48c91754793020d55071da_JaffaCakes118
Files
0251dfbb3d48c91754793020d55071da_JaffaCakes118.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
Exports
Sections
CODE Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 512B - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 6KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ