367c03dee96bb7367d1ee372bf1fcbb9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

367c03dee96bb7367d1ee372bf1fcbb9_JaffaCakes118
Size

10KB
MD5

367c03dee96bb7367d1ee372bf1fcbb9
SHA1

ad916421ce6e6159858570defb326bd6fe4d9d46
SHA256

ec149c07018ef5441c322638197b4480743a97a4cdced81bd7400c270cb108a8
SHA512

40a6a4adefb8d0630bfee6ca67e14e49e342024eef44d0b90dc979d53eea833c332d7a9ace12689ed3706f5ff2f0cd2a98a6029c0468a0fbb0741c893b358950
SSDEEP

192:T8dksLP0wWU7zs58Wwc8x1NqG9aKs0VOXeLAKVwR/gF5:T8dksD0NU7g58W6CSYWdK9g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
367c03dee96bb7367d1ee372bf1fcbb9_JaffaCakes118

Files

367c03dee96bb7367d1ee372bf1fcbb9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

GetLevelAndItem
SetDIPSHook
SetMIRSHook

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 554B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ