15a39b8739c13495af4a638b2ee81fae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15a39b8739c13495af4a638b2ee81fae_JaffaCakes118
Size

26KB
MD5

15a39b8739c13495af4a638b2ee81fae
SHA1

b7d46f872621c17eb5284ac0ba6801ee32d1d121
SHA256

81e1a76520abffe652662e3300852148ba7cea15d924cc62adf5a7112313a8f3
SHA512

94c4015a873704b4872ad51115ef680ad350635d2bb3368e16de5e7c89a9bd884a02be454ccbc26b409638f5111bc5d9be9f1c90b3821627c6fb2a68b62ca433
SSDEEP

768:rW6ek0gYqvtLseOaBxj2sCghnRI3TEcQeLY:uHGSecs6whe0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15a39b8739c13495af4a638b2ee81fae_JaffaCakes118

Files

15a39b8739c13495af4a638b2ee81fae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
fslj423j3423

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ