3b7a536b089d907ed763493953efdd14_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b7a536b089d907ed763493953efdd14_JaffaCakes118
Size

19KB
MD5

3b7a536b089d907ed763493953efdd14
SHA1

2122cd93dc35cea91fbe3a0d0dd83d9e0a56f304
SHA256

d2df3cdec0a34c8fe78fe730385f62aa44ea3471d72ca65b633ebf63f393e122
SHA512

b87f1906cce8e4d0198f8f66981ae049a7cabf2e790bfcac5bfa7ff7a0f82bb513d0dddef32ee5118c83d249bb019d1f697a1fb556382cc73179e39578e63269
SSDEEP

384:gOr5NKZ2q2Q9YM+MKhX4/1HAxqiThjinzcg1YYONMp52:Pr5PQKVq1otocgpqM2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b7a536b089d907ed763493953efdd14_JaffaCakes118

Files

3b7a536b089d907ed763493953efdd14_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow

Sections

CODE
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 95B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ