0f8ccd3841cc41c78623500ac7d7d840_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f8ccd3841cc41c78623500ac7d7d840_JaffaCakes118
Size

17KB
MD5

0f8ccd3841cc41c78623500ac7d7d840
SHA1

f8493b8ac6277a10d31b8d1d68caf0e57bb52796
SHA256

e5160e0ad1f485388cd679d28e7d315730b004667bd8690843be25c799226c3c
SHA512

4e1d86287d44244ea57ed2066ce01fd17bb65e2a6d43d4de26e3a46ccec105997fbe78fe16153aba812d61fef9adb6afa51a747d2b6ccf8867b1b5700bb33a51
SSDEEP

384:d96ztqCDoQNELkSBYcwgtWjIKsc2wG8zMnQYYO2bh:dkDosSbwgtGY8Mn+D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f8ccd3841cc41c78623500ac7d7d840_JaffaCakes118

Files

0f8ccd3841cc41c78623500ac7d7d840_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
fjj4u9fdjklf

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ