34c00ca992536707ba37f610275ce522_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34c00ca992536707ba37f610275ce522_JaffaCakes118
Size

19KB
MD5

34c00ca992536707ba37f610275ce522
SHA1

e4ebeb44756fbb90a2c0cfb8068c2521b6afe8e5
SHA256

ed4badc99f43213ce411c7437e5cee1081ac49d537afccb301f195cfd9959ce0
SHA512

1d7bacf7bdbc0c304fab0d7547cd6fcc4fa8f27325dab4c80297f7a87665273f94174fa343737488cfe5c0dfa814ccd5d7d9b1d309626b39d1dd59f46f33af73
SSDEEP

384:PyVlNjtU2e2lYJ9g4R9Jl5K1Fu+dmrD+sC9r6nFRHFg6+CPOTAgzEZIPL1:KVlPsRH8u3uuFRHFgTvhEZIZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34c00ca992536707ba37f610275ce522_JaffaCakes118

Files

34c00ca992536707ba37f610275ce522_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
aaaabbbbcccc

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ