07047b545e96fb2b02ebb355f7cfefd2_JaffaCakes118 | Triage

Sharing

General

Target

07047b545e96fb2b02ebb355f7cfefd2_JaffaCakes118
Size

20KB
MD5

07047b545e96fb2b02ebb355f7cfefd2
SHA1

eda1e6b60c9664b3f62e8311b53e974703bc9346
SHA256

ec9072e38ac31141cb6f1eff5e30a0d4dd0dd14c1d69a28ddda4bda75e8b70d7
SHA512

655ba303cdb8a7e4faea5bab6346771520a7735c69d6cdb5f2c9eee4950c1d42a497fa9bc151608f97354df90392b6210ee67e83cb0ac642fba3b6528d8c56eb
SSDEEP

384:VIOr5NKZ2yCTUAf125+mT12L3HUIy9r3j749zcTCYYOhpcgG:VHr5ckc+aQyrTccTsqpY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07047b545e96fb2b02ebb355f7cfefd2_JaffaCakes118

Files

07047b545e96fb2b02ebb355f7cfefd2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFireWall
UnHookWindow

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ