efc1a59d277a322cf7095ad67d74a0ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

efc1a59d277a322cf7095ad67d74a0ea_JaffaCakes118
Size

5KB
MD5

efc1a59d277a322cf7095ad67d74a0ea
SHA1

f2505aec08cd38c2b4bdb73265c336715875641c
SHA256

9cc72897710bda10d90d624dc08d8eb0a038d0a9ff4bfd180af13b5e0eba3c83
SHA512

d22e7fa24e466cb9b1dd427cf44d169a11ab15ba700f4a8bb3318838d6ae65cadb14af069b7efa62a4117f0f37ec5da128fc49619167d113320ede2b6544477b
SSDEEP

48:iz/ftElgBENBWmhFDvg86Wnk4HisskQTYZWP9/l30n5xsVx/K:WAgWjZF1nLHA0Evey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efc1a59d277a322cf7095ad67d74a0ea_JaffaCakes118

Files

efc1a59d277a322cf7095ad67d74a0ea_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd3694cca18a81090dceacaaad4cfa39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Imports

kernel32

DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcessId
OpenProcess
VirtualProtect
EnterCriticalSection
SetLastError
LeaveCriticalSection

user32

SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
MessageBoxA

Exports

Exports

Look
UnLook

Sections

.text
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 773B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 45B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ