1a63adedeced82ce5729b0aca38e962c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a63adedeced82ce5729b0aca38e962c_JaffaCakes118
Size

19KB
MD5

1a63adedeced82ce5729b0aca38e962c
SHA1

fdbd36f3d3068cc43c06d488ac81c84823564d82
SHA256

e264fe5b4ee68264f20b4f8e8bf80cfa4c878fe5f67d314e843a55d71400f4da
SHA512

f077470679f527a5cb0e8f8adba4b049eb9b2c07e2fccc1a513ff799f12c1daa94a352f8421f2d9c8dc442993a30ec535b8b66cdefc0398448ba2b4cb7e4ee5e
SSDEEP

384:Fqau0NKwWFEnUYJoHEcw5v1sjAiPtgGzwugYYOe+:Fnu0RtGzw5v1clPPwuuE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a63adedeced82ce5729b0aca38e962c_JaffaCakes118

Files

1a63adedeced82ce5729b0aca38e962c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
fs448547aaaa

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ