3f7506e015da0857bd28e905be458c48_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f7506e015da0857bd28e905be458c48_JaffaCakes118
Size

24KB
MD5

3f7506e015da0857bd28e905be458c48
SHA1

2a8c66b6b29fa0594ec759151b6c12fb86875a64
SHA256

d7526051b906f47b0ac65b757a9af1748ea9c009d3cf724d9f6851ce2ee86a19
SHA512

ea4484e236cda0b5cc00dcc5d1a2e3fdb586aa8625a8f60fad7dc28a8a8ebf878acc5eb945cdd3cf148d71f92ca5cb31e85b2f7ac14c61c79cd092e132bd3c00
SSDEEP

384:1dD9d6G4q6glPDFk/J8uDYBhHKuuRsPljjonjK1I5zgIl2f+IO:1aaFkQrHFPljEjpdgIEK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f7506e015da0857bd28e905be458c48_JaffaCakes118

Files

3f7506e015da0857bd28e905be458c48_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skip3546Wall
UnHookWindow

Sections

CODE
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ