f6fc372695c6c76ec97fc07ab7214ed3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f6fc372695c6c76ec97fc07ab7214ed3_JaffaCakes118
Size

155KB
MD5

f6fc372695c6c76ec97fc07ab7214ed3
SHA1

42ae44e5f2de4f6b423245d327973389a22380e8
SHA256

112d6f7034d2c360e66ccfd6a562f967bbe98be61e23227dfcc3f831c741bb6c
SHA512

a95e5690ecd713009cc652fd7b3cf8fff633a1759034ea2aff52820240d4717805c1471c6f8651ee7e8152fce096e2b2e8ea715065f29bbe41ccc08ee7dc2fdf
SSDEEP

3072:KEfmE8qR4CitQUY04nO23DFo6NZ/JzXpNXEwvDDhuQ0duoytl:jfcMDa6NZBlNXzLAnU9tl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f6fc372695c6c76ec97fc07ab7214ed3_JaffaCakes118

Files

f6fc372695c6c76ec97fc07ab7214ed3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

SetCNkeyhook

Sections

.text
Size: - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xiaohui
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE