429e0bd929fe081b46d426c34ffe4c19_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

429e0bd929fe081b46d426c34ffe4c19_JaffaCakes118
Size

21KB
MD5

429e0bd929fe081b46d426c34ffe4c19
SHA1

3da61b3c54b293643950f25eb80e3604f9037bf6
SHA256

998648ae43c6302fa5b2838de22735a3f59f08b6c6a3b35d441c646aedc9e814
SHA512

96e1d1f42f6f98b5ebdf397a9861fa63644e4f3867d243dcce67e52c4bda5eada046ded3a1da8d60067729f47f6ac760e418bf2b9095c195badb2034545bb313
SSDEEP

384:88PyZNjtU2m254cvLHPY28KsvuBn31AGRafDF2JjNb7qQVzvt3Ir:RyZrBn8KquBn31VBNb2Avt3u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
429e0bd929fe081b46d426c34ffe4c19_JaffaCakes118

Files

429e0bd929fe081b46d426c34ffe4c19_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skip3546Wall
UnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ