dfc4259d002cc28da3d6483e578db57e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfc4259d002cc28da3d6483e578db57e_JaffaCakes118
Size

50KB
MD5

dfc4259d002cc28da3d6483e578db57e
SHA1

b8aa73e2311c5d1217897b81f5725b447ec1f704
SHA256

ba2e28151bc3686345bedec5921fbef598ab0d011508674a8e26e63a5eb83eef
SHA512

e7b689341730d5931f8b0c2c72e5479fb2b7e291ba595592ae748fe6a425e0b052c8762e56d04053953796b1d6fbc143a11fc08214e686582a4499e022792f13
SSDEEP

768:83niVqvQXEsjVwshOPtsTsFD7dM9IGPSNOA0gl+dYoE1ZxMD+3ufC9rjqd4gc9l:83iVqvQXjd4FLGKNYgllLMilk45n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfc4259d002cc28da3d6483e578db57e_JaffaCakes118

Files

dfc4259d002cc28da3d6483e578db57e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

Endkeyhook
Setkeyhook

Sections

CODE
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ