004c224f50cfe0cae425231aede64c29_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

004c224f50cfe0cae425231aede64c29_JaffaCakes118
Size

20KB
MD5

004c224f50cfe0cae425231aede64c29
SHA1

95bdbc448d0db31a033831628048828491de692e
SHA256

d272334902ae0fe993d4f490cd2b19066cd48314aec312c041ee440967de8e97
SHA512

226f2f083f543a004ed930e35811aee177c7e5374626835c7d003da5cad63a95261c8d6987078ced2a8bcb7837765da227181726d68e5c4bb81d688fe112b4db
SSDEEP

384:VgOr5NKZ2yCTUAzmZ2K4B0mL7HXQiPX+PHjln4bA9zcT2YYOAkrCT:VPr5cJ2XyCQy+PDPcTwqq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
004c224f50cfe0cae425231aede64c29_JaffaCakes118

Files

004c224f50cfe0cae425231aede64c29_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ