05dbeb96b2984c93049b74d9d06eb33b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05dbeb96b2984c93049b74d9d06eb33b_JaffaCakes118
Size

20KB
MD5

05dbeb96b2984c93049b74d9d06eb33b
SHA1

cee110fd1e0e7893b1f52593e6ac77db4a74bd10
SHA256

ed8c0e1d6f2bb308b3ac409cf154e7d04b1ddaf8f34e7ed59fc68d405b9263a4
SHA512

9834585686d8e5ba691f6c0f2de9641c56ff620f4ca8358ed0314b60c79ab53bd6b8baf1a9c62bce9f56a38b8fcf7d3c3df1c90388caf29ff9de80f8a08485b4
SSDEEP

384:VzOr5NKZ26AwjFXxuYJo6QRHMaN5QsWuPIqj5R6JzEvKYYO9y9i+:Var556fQ+aNCsJIqGNEv0EyJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05dbeb96b2984c93049b74d9d06eb33b_JaffaCakes118

Files

05dbeb96b2984c93049b74d9d06eb33b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skif4freW4ll
UnHookWindow

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ