3df2d5c990d2d3e7d068f14916d07db3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3df2d5c990d2d3e7d068f14916d07db3_JaffaCakes118
Size

8KB
MD5

3df2d5c990d2d3e7d068f14916d07db3
SHA1

c0717d5c6fa8109a06ce554b51071b72d8c0a4c7
SHA256

dbe8fb2ae6a0701002d0bad07c2b571429b689574b51a9e085299b39ff5692f6
SHA512

e7536e7cd94496fccccf0045e2eba210f0534c600bb2424c205a1c964d58ffd0b3f71c34b82d0e9115b5f44400eb9e65118c79dc6494325d316c7af34e87002a
SSDEEP

96:nPKDrItAH5kwtO2x8sZSUiDGHT8l980I2lFjcW1vDYYrGt:niDstAH6076ut7K/lFjcW1LYYqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3df2d5c990d2d3e7d068f14916d07db3_JaffaCakes118

Files

3df2d5c990d2d3e7d068f14916d07db3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

DelKHook
SetKHook

Sections

CODE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 91B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ