09e0d1caf63b71fc8f1ea390253d1c77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

09e0d1caf63b71fc8f1ea390253d1c77_JaffaCakes118
Size

26KB
MD5

09e0d1caf63b71fc8f1ea390253d1c77
SHA1

9ac2b7f20caa56a43293dff6ec04020e24f17610
SHA256

046df619076beefdc861bc63edc5605f72eeb7f5ac7eef44d4a9c1150f1d425a
SHA512

204c147d909fefc546dd095f58825c2fe80903c477c2850cb008891ee00d14c570c8e3b09ed9876e401c875ae17d1010e77a8d66b045d50c0c036a4fbe1f68cd
SSDEEP

384:zdD9d6G4GwATX/88e0ZhNKSumhekR4Vjzos0EznaH7zgZ2eJnCqSF:znDvBNjekRezoX3gZRJKF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09e0d1caf63b71fc8f1ea390253d1c77_JaffaCakes118

Files

09e0d1caf63b71fc8f1ea390253d1c77_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
SkipFif45all
UnHookWindow

Sections

CODE
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ