07ed0162d947bbef3c3289999c2474e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

07ed0162d947bbef3c3289999c2474e4_JaffaCakes118
Size

20KB
MD5

07ed0162d947bbef3c3289999c2474e4
SHA1

d7e1be498ff12a7188fb10624497d64e7bdf6d82
SHA256

f3499338017d7b8dba4c98f5744c251d878aa123e8b8ffc98437bb6592746f82
SHA512

8739a63b7d9735a0daf996ace45b6939448d6a1deffcff8a7230058ddc4293ae31a354330ded214da1433e19034a7b1a8ff2b24b74000cc050f2acc113b391ad
SSDEEP

384:V0au0NKwmp1JhGDzAgnX91Y0jPFUeWGQHzwnnYYOKdC:VNu04nvi9y0m6QTwnfr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07ed0162d947bbef3c3289999c2474e4_JaffaCakes118

Files

07ed0162d947bbef3c3289999c2474e4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Sk3pFire4all
UnHookWindow

Sections

CODE
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ