00019c7d696de2438b055b86b3c19d37_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00019c7d696de2438b055b86b3c19d37_JaffaCakes118
Size

22KB
MD5

00019c7d696de2438b055b86b3c19d37
SHA1

b2a4b5d36957154b2e407cf7a9d69da543e442c0
SHA256

cce5f064ef8330c0656606bd4da0adb52acd85acd23863d1a6e4e2122c622687
SHA512

48b52c3ac7fa5f381ec8aa9d234a1289325f3d2c032bb432a41358883c766a42c3c7acf05b0f356d59860da3bb92866f96a5b43d278b3048675f4749aef2080d
SSDEEP

384:ZPyZNjtU2mSEImL2kvta7gDiCL+DYWdAMZMrIgNHjTUEr7H/z29+8RkElV:xyZex2kaVu2YWdAhIgNDTh7r29+8RHf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00019c7d696de2438b055b86b3c19d37_JaffaCakes118

Files

00019c7d696de2438b055b86b3c19d37_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ