007709ba1b5a683319157ce8e492781c_JaffaCakes118 | Triage

Sharing

General

Target

007709ba1b5a683319157ce8e492781c_JaffaCakes118
Size

83KB
MD5

007709ba1b5a683319157ce8e492781c
SHA1

bc44500ee3b71c6c2f4687b7ffe0f2000fbadb4c
SHA256

9577137687570a7a1f749f011a6e747cde2e001905d57c8922f20bcba52d2830
SHA512

3fc2eeb45de28a2568b3ba661551b659557393cd59bbe7aa14ebae8c2a217ecf74a35c16d65a858f0ff94aa2cd518133cf0e9ee17fdba2231aad35ae5f1e278c
SSDEEP

384:DidD9d6GAPvgkfb3yHiPTGT0oEb1Av4T4GfuAtjBQ3jCBBEguozXtVjw:2ODfu90f1ffUCBjXtVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007709ba1b5a683319157ce8e492781c_JaffaCakes118

Files

007709ba1b5a683319157ce8e492781c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindowB
GetTickCountA
GetTickCountB

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 121B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ