4a3a704b5d3cc7e7fcdca8216412b9d7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4a3a704b5d3cc7e7fcdca8216412b9d7_JaffaCakes118
Size

92KB
MD5

4a3a704b5d3cc7e7fcdca8216412b9d7
SHA1

8f3e18583f7e02e8bfd58f66e724c8e84d21505a
SHA256

d1a922bd489ac8a8a9527c75899aa26ec4ef875ba3785da76ed87273a16168a6
SHA512

c6ef8c835cc320a96847544dfc7a3e1b2c3cfec77c6c3d117db662e84aa430d5d5339b312b2d96b7f9b4658b2313ab3d4b4b819fcd71ca554291224bfa50386f
SSDEEP

1536:hzq5NUQFaa0GXR3BmNHrw9uW/Po9c+YnKE795grO2Qu7ZVcSVAiIQoLID99:ENUhHIZQNHs9uuPo2+YnKqHgrO2QsZ7r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a3a704b5d3cc7e7fcdca8216412b9d7_JaffaCakes118

Files

4a3a704b5d3cc7e7fcdca8216412b9d7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
SetHK

Sections

CODE
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ