35a2ac699661824be0f666f9b204ce3d_JaffaCakes118 | Triage

Sharing

General

Target

35a2ac699661824be0f666f9b204ce3d_JaffaCakes118
Size

17KB
MD5

35a2ac699661824be0f666f9b204ce3d
SHA1

b22f37b60f9da63764ef7aa305a54465b89a7fb0
SHA256

df47912807c76a490a5733cf422b3215ad7ccc7a4f08dbc06730a19d5ffa39d1
SHA512

c0afb075a38ce40a7bda6a5732df06089b14f45ed7c34d0176e945e79a593223bdf8694659bc6a54649b7146c2849ae422069fe862e1eb011ae1e66f62d33c51
SSDEEP

384:V96ztqtblYSY6A/MCjt7yMg7cjOQh8QTT2dGi4z1nDYYOBwz0dKB6:VkYZdYcGt7yMqsW61nbM/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35a2ac699661824be0f666f9b204ce3d_JaffaCakes118

Files

35a2ac699661824be0f666f9b204ce3d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skif4freW4ll
UnHookWindow

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ