8274ab577d05664c9813cdd8968f0f4e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8274ab577d05664c9813cdd8968f0f4e_JaffaCakes118
Size

36KB
MD5

8274ab577d05664c9813cdd8968f0f4e
SHA1

f853fab2ddb3b13f1fffcdcd3dcb76acbb4f9733
SHA256

952608ac69257101e0c632acf1598158110ad4611c6b5c90f6937b7af806da68
SHA512

4ed4baf96ccaa10f463b8ddde5728f64a2b75a3f2b308c1f2782f5066dbb7e75d71d7dbda19ad211b7f4aa040229eccfb8a1db20831e1776914e06c987b505f0
SSDEEP

192:78plySCwv/5BBe9ocWaR/aoCZnFpN3/m/JQEOIHFZb1cGXc6ha:7YlTBBBKocWaILFzvm/J331cGZa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8274ab577d05664c9813cdd8968f0f4e_JaffaCakes118

Files

8274ab577d05664c9813cdd8968f0f4e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

34fd924a0c530facf1d6b71df3fb2867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

ws2_32

gethostbyname

mfc42

ord4274

msvcrt

_adjust_fdiv

user32

SetWindowsHookExA

ole32

CoInitialize

oleaut32

SysFreeString

Exports

Exports

?DelHook@@YGHXZ
?SetHook@@YGHXZ

Sections

.text
Size: 8KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE