95f7dcb421ce2c308d367b7aa9be2510_JaffaCakes118 | Triage

Sharing

General

Target

95f7dcb421ce2c308d367b7aa9be2510_JaffaCakes118
Size

12KB
MD5

95f7dcb421ce2c308d367b7aa9be2510
SHA1

0c954057c9b2dd783312ed84709aaa5572db2867
SHA256

6e25dbb637d711d25c2c23456acbbf1517983d6097fabebc693c43cfb0df3f9e
SHA512

f3d453b74da2c68077e6fdf55f069d8eee18dbd230951612e4e6fe8bca2d2a0172a453d61aad0b10994c181213c80d8790cb50dd72c94a647927e8efd0a03eb4
SSDEEP

192:G39idAyfolC4tIo1sFfyyWjyn9yJaTUghvFVr:ldAyw/2UyWtJYU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
95f7dcb421ce2c308d367b7aa9be2510_JaffaCakes118

Files

95f7dcb421ce2c308d367b7aa9be2510_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

GetHookMessage
InstallHook
RemoveHook

Sections

.text
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE