7251f739a54e4100a1d591bcc80be1a7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7251f739a54e4100a1d591bcc80be1a7_JaffaCakes118
Size

1.5MB
MD5

7251f739a54e4100a1d591bcc80be1a7
SHA1

7852b20b86a351b54a598fa7c7f8d444ef4edc26
SHA256

c083b07f0c1927e2d91939193bf81d327a9d2785c663d40a7557cb45a5ec6e53
SHA512

c640bba34fc7074f62aeb34018f639455c0d938058a6f16199acfa241e775ce4991f5869b453dc695aff205052b20acb3a7e0feb1561ea7842278252c1c66352
SSDEEP

24576:buQaDQ+foI2QnSVCq38YxPaDxZa3ffUcCS3cnA9qTpkY0/+dRH8HaGUPORUN/+BR:buBD3nwF3CDxS0c6bk7ARHdGeN/gUO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7251f739a54e4100a1d591bcc80be1a7_JaffaCakes118

Files

7251f739a54e4100a1d591bcc80be1a7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

d8bc184fd77a37fab98182c7cc7089c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32 rpcrt4

Beep nB

Exports

Exports

?setHook@@YAXK@Z
?unsetHook@@YAXXZ

Sections

.text
Size: 72KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ