0070d105f3869409be775c36d03c19fa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0070d105f3869409be775c36d03c19fa_JaffaCakes118
Size

27KB
MD5

0070d105f3869409be775c36d03c19fa
SHA1

c4da573dba86924eec2417e657ff8183efc4e1fe
SHA256

4532386b6581ca41f8fdbf58206c9aa295ae115cae5e1d12a3be11bec90173f5
SHA512

2c177ceeea706a764b4c3463a53051b131e89bc709536c7e8306ff9802d9620419f08145e551c5984e5373100a2eb73690f795daaf253c3738fc7eff098613da
SSDEEP

384:ldD9d6G4Cw58MiiIC9s02nrmLRMRU0zkjh98BQ5F8jUWEKVjkzgind1lWscP:ljegiIvmCU9hWK4UAkgid7Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0070d105f3869409be775c36d03c19fa_JaffaCakes118

Files

0070d105f3869409be775c36d03c19fa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skip3546Wall
UnHookWindow

Sections

CODE
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ