a98b25346d711381ae71e45a09c9950f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a98b25346d711381ae71e45a09c9950f_JaffaCakes118
Size

1.8MB
MD5

a98b25346d711381ae71e45a09c9950f
SHA1

d6cc3a5916cf53a63f05b0ecfd7b01718c12d788
SHA256

8285d5434e8926df32388f2e97359005b5cb3f4ff2810eeafc1e5de90948e94f
SHA512

72e849eea7e53e83b20eb67d1e5ebed1086b22f5ef39086e629f3e1f70a81a1158e71998df3fd3dfcbf80fdf8529ff79d727f703fe77c158b7e203ef886c049b
SSDEEP

24576:YtKQOhWBd4ilZCgMxfn3eX+cOTVKpy+ptWNcCmfLaTXC0m839B8PH7DRZHyTuBFq:caWBK6cnuXBtW6DaTXoeePHnRZz3H2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a98b25346d711381ae71e45a09c9950f_JaffaCakes118

Files

a98b25346d711381ae71e45a09c9950f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DisableMouseHook
DllRegisterServ
EnableMouseHook
ServiceMain

Sections

CODE
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 691KB - Virtual size: 691KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ