0012c5e547b0b09b1726fe201785e632_JaffaCakes118 | Triage

Sharing

General

Target

0012c5e547b0b09b1726fe201785e632_JaffaCakes118
Size

20KB
MD5

0012c5e547b0b09b1726fe201785e632
SHA1

7c0d6616d7795537c7cc5e7376f0699b4eea1da7
SHA256

e6cbff6de16a59ad14f13c13c9ce0b0740c88ed0f071f2ce8f5fdb68e23cf881
SHA512

c0c669ae3b7c8a2b3c75bddc834f64ee89db5e5471afb6bd7f90e0f482fd4fed0ae9199d4f4dbfe5d8174c48449f69a0b3d20feeb8c1f789cd944b6eb67a666a
SSDEEP

384:rPyZNjtU2m/gxDwGpmEs1C1PNskqEjHbzEiqrRSEXH:zyZmKl5kC1V7XEiqrRS8H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0012c5e547b0b09b1726fe201785e632_JaffaCakes118

Files

0012c5e547b0b09b1726fe201785e632_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
UnHookWindow
a4e5b47ec457

Sections

CODE
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ