5dfaaf11443bddc3319455d770d8d4be_JaffaCakes118 | Triage

Sharing

General

Target

5dfaaf11443bddc3319455d770d8d4be_JaffaCakes118
Size

20KB
MD5

5dfaaf11443bddc3319455d770d8d4be
SHA1

899482be51ca8412673ce3e2cf70e291e647ea64
SHA256

88948e3894e213eefe0d0be04f0f5a5583baa040af4699cb4274808f152a4006
SHA512

5cc013f33a7e75c59d6ebbc90df4b629f5ff3682129839815cc52f21b4ae90f536b4843952355e808ff37550441f6c2fd9cd2a671380f3698f26906833f75711
SSDEEP

384:4PyZNjtU2mWwr0N0osn9bUSDuYq6/Qj9zEZq/MgE:oyZ//+bF4REZ6MX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dfaaf11443bddc3319455d770d8d4be_JaffaCakes118

Files

5dfaaf11443bddc3319455d770d8d4be_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
f45678912000

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ