30b1658a33e47032b8c3fe33a58bff15_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30b1658a33e47032b8c3fe33a58bff15_JaffaCakes118
Size

53KB
MD5

30b1658a33e47032b8c3fe33a58bff15
SHA1

929b5e7094f965d210cb951ba09d110e4f46265a
SHA256

3338a42108623467e16d2bd62e5785478e316ee15762fb2a58f8941375dc8251
SHA512

afeafe7ab8ad49c129c9fd686ece24408ac6c41160ea94808a43006c068ef9675fe55c60fc5c005405e5a0892cf3cf0340ac9dacfc6bc134feaa10841d905755
SSDEEP

768:Wy0qgEDmQhVhIniqWIb3MWEBN9cpdBqXE2RGUDzDnTYXLmKdBJWIlECp:B0qgamQhwi/a8BrRnjYmKAxk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30b1658a33e47032b8c3fe33a58bff15_JaffaCakes118

Files

30b1658a33e47032b8c3fe33a58bff15_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DisableKeyboardHook9X
EnableKeyBoardHook9X
StartHook
StopHook

Sections

CODE
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ