09ae2b13f57cb02d295b22daeb29cb97_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09ae2b13f57cb02d295b22daeb29cb97_JaffaCakes118
Size

79KB
MD5

09ae2b13f57cb02d295b22daeb29cb97
SHA1

2943b51c35c85ec65fa0f4ab6a145e06fa2a9018
SHA256

6590778d228dc1d29c9ff4d0826134ea4131b9322895c57727196cbccd59d077
SHA512

16c8e4e2a81b66d4121f35f521b5d8b5ff07039a76ca6954d12e7865357d5ab9fda8df23ddc907c79778807e058f28d2e60ee6514a773c8df81e05f79f3e61e7
SSDEEP

1536:qQqszstgEpgKI01MVYXRfRzYHP3/Hia+u6L+Rt0W:hziz12YNRziPvHf8kt0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09ae2b13f57cb02d295b22daeb29cb97_JaffaCakes118

Files

09ae2b13f57cb02d295b22daeb29cb97_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

HookProc
InstallALLHook

Sections

CODE
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ