a9f09fa14ca32ea239c4de6fd1328393_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9f09fa14ca32ea239c4de6fd1328393_JaffaCakes118
Size

18KB
MD5

a9f09fa14ca32ea239c4de6fd1328393
SHA1

42441a3de989f3c9fa7011ab2ca890965cb704bc
SHA256

83b25592d3e35fa586739d37123897446cf958436a43b3c17ca7205c91dd1ae4
SHA512

57d43b9986cc44f403f16f78a820354a9b79b862b324b412b4af3c0db1ee6baf4ec264fcda841bcd49464b951414f355008c4e8f41045f7fa501c904994d7803
SSDEEP

384:/o+FSriqxOEvOz9UfEvNAsFTeVKTNjwpb/m8Kvgk4VXuaqzvHb:hF9qQEvORUfOAgmKAkurqzH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a9f09fa14ca32ea239c4de6fd1328393_JaffaCakes118

Files

a9f09fa14ca32ea239c4de6fd1328393_JaffaCakes118
.dll windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Remove2AppHook
RemoveDestroyHook
RemoveKeyboardHook
RemoveMouseHook
RemoveShiftCapsHook
RemoveWindowHook
SetAppHook
SetDestroyHook
SetKeyboardHook6
SetKeyboardHook7
SetMouseHook
SetShiftCapsHook
SetWindowHook
newnew

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 403B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ