b886b376d50f7ee2217625cfc5b09470_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b886b376d50f7ee2217625cfc5b09470_JaffaCakes118
Size

1.1MB
MD5

b886b376d50f7ee2217625cfc5b09470
SHA1

c3773a6f26176189fe5bc2e1dddb70e6eacbe153
SHA256

08b9a31305abfda4eacea79919719f065cf0dc48e609c6583ec5b8ad03d1969e
SHA512

a07185b84c8f562632494cda49d12019e925b84d52cda6d29d074bd6e5b120f75fd7264af3a1defe3f14dac3f5882588ab9780eb98ce1abaee3351a67ffc4aa9
SSDEEP

24576:p4frsZ3OyjBv8jhSUK9By3oUG64Qij24LkicvUnnA:pLZz1EULHiobs5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b886b376d50f7ee2217625cfc5b09470_JaffaCakes118

Files

b886b376d50f7ee2217625cfc5b09470_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DisableMouseHook
DllRegisterServ
EnableMouseHook
ServiceMain

Sections

CODE
Size: 453KB - Virtual size: 453KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 634KB - Virtual size: 634KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ