028b9cc94754dbd940361440da12f7ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028b9cc94754dbd940361440da12f7ee_JaffaCakes118
Size

20KB
MD5

028b9cc94754dbd940361440da12f7ee
SHA1

17dd0d9552c9a8cc2dc251400139b25c4df7f83d
SHA256

d260a37113609665ca4ac30ac0da050c81d4d2b3e111293030df938e62476800
SHA512

455a5db3d8435272acb739e4c70d7539c29dc2b11ee1396bf4475c9a1ed6d17a76aadad2962d637270406577abc6bea910c29c3c9ae2847754451bb5c3fa562a
SSDEEP

384:TPyZNjtU2mW5j4ygqHac34XvTPkM1Kj4z1iV/zv:byZ71gGD4fTxKY1iVb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028b9cc94754dbd940361440da12f7ee_JaffaCakes118

Files

028b9cc94754dbd940361440da12f7ee_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFi2eWall
UnHookWindow

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ