ff3aba75fb1027225e9802268398de23_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff3aba75fb1027225e9802268398de23_JaffaCakes118
Size

22KB
MD5

ff3aba75fb1027225e9802268398de23
SHA1

908e275c2d6305cc3c6b68e5ca5b6eec8b2f8cbe
SHA256

868cf52fa34ace2774cac300a92d6440f137bd4ea5d274b13b5f869ae7b7c76e
SHA512

9decdcca5bcfa09764e367d0c8c3b356248814774c5fbf1e5d183991b90422f9893a96f39189532a4cbcd7b18d53c537a037095096e1fa84465f23f58c3ef8a7
SSDEEP

384:lPyZNjtU2mPgnWFc84KAivtMK118E5D2j51dhzxZYr6d4jPu:dyZWNVhAUV11w51dlxZYr6dt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff3aba75fb1027225e9802268398de23_JaffaCakes118

Files

ff3aba75fb1027225e9802268398de23_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFif45all
UnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ