ee94937f07810f36effbc6d30254e9a1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ee94937f07810f36effbc6d30254e9a1_JaffaCakes118
Size

156KB
MD5

ee94937f07810f36effbc6d30254e9a1
SHA1

1d77a2bc09a3a922b4e61c15f967ec96b2f7d589
SHA256

1cc4310897225990a6067ffc9cb22f8846cd46cc3b5044fde09a6ab4eafca16a
SHA512

c7305c45e9e5d7f408c81ba779c37b4fcdca6d345ca17f7ebd2cbc58c55bc2e713ad72d362b3adde6cda16a2510a770138ac2740eeb7b84ba28729b556840d83
SSDEEP

3072:I3eRed8RoULhY9C9Y/DzSz9Vgrp48nZeE95hs1zUzSEoEmZ0S:IuRsCFY9omiz9V4qSwAzL1fS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ee94937f07810f36effbc6d30254e9a1_JaffaCakes118

Files

ee94937f07810f36effbc6d30254e9a1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4146cc0ecd2d816b5db847b6cff198e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

advapi32

RegOpenKeyExA

oleaut32

SysFreeString

Exports

Exports

StartHook
StopHook

Sections

Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE