3a56d458a6ade7e39921b16de88d566d_JaffaCakes118 | Triage

Sharing

General

Target

3a56d458a6ade7e39921b16de88d566d_JaffaCakes118
Size

17KB
MD5

3a56d458a6ade7e39921b16de88d566d
SHA1

8c5e2f899579eac54c3229344c62744b038ae160
SHA256

15c4fd2442354353905e0aa15363a230f2ef8cdb50ed93777e90e38fbd953687
SHA512

54206f1921b1d057e0e1cb58d4c0719c808eb2cee11f357e489fd73c714c1a85460763c9ebdbf3a39f9d69413893d22498c27b84a056ab6345b87ec0fba496a7
SSDEEP

192:n/jLDCFc/kmLVWFYqf1W6W9CZiE242HQOUtm1/vN7HAd6xCENgC5Hf3VXREcjZDi:3D4+VNqw6WXE2Tto0vdA83ffVXuaqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a56d458a6ade7e39921b16de88d566d_JaffaCakes118

Files

3a56d458a6ade7e39921b16de88d566d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

RemoveKeyboardHook
SetKeyboardHook6
SetKeyboardHook7
SetWindowHook

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 154B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ