d4f811f5869206e703643392d7564366_JaffaCakes118 | Triage

Sharing

General

Target

d4f811f5869206e703643392d7564366_JaffaCakes118
Size

47KB
MD5

d4f811f5869206e703643392d7564366
SHA1

d4676b028394919d1b19f094f8688366069fda10
SHA256

bddc969e41f3e3c2d4efe68973a99166388fb2c0c105c64385bdf4118bed6b2a
SHA512

59ee24ff9ec091bf34c24db41953cc7b3ca58df83033b8daa3662d58697a9c886a4234aa78d0df23e6a3ef857bfbc12cb01694ed4c96ca9a49680a4b5ac47c32
SSDEEP

768:VZi3CojbKYD2qbWQAIFxujfXcpKZa/+HefO99TylXUYc6uTk4:VZi3C46LIFxujfXV3HefO99Wl14

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4f811f5869206e703643392d7564366_JaffaCakes118

Files

d4f811f5869206e703643392d7564366_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

StartHook
pt_ksHook
pt_tzHook

Sections

CODE
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ