4c1d3fe6fc9f35c25f8b6d02e9e49709_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c1d3fe6fc9f35c25f8b6d02e9e49709_JaffaCakes118
Size

525KB
MD5

4c1d3fe6fc9f35c25f8b6d02e9e49709
SHA1

6b783a1cd8a86f82367539c104c40202d0d61a7b
SHA256

a5ddb73643ad30e0cea9da3dca8079394ec55b07a599015ffe6c979bfa5357b1
SHA512

7ebe4f62bc48f18a39d116fdbe73f71285d7ee406be6c5231c10cc8d234f81ce787e2a928e8c80442e284a0df60da1f6e00562f18a7060f2aa403f93cf4dc436
SSDEEP

384:xidD9d6GALNeEBHqFo26602zFtPSoOJBuD2Hmsbgd5pXhzesq1k8brQ4:ocIE+6OzFtVD6ZsdzXlTq1kCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c1d3fe6fc9f35c25f8b6d02e9e49709_JaffaCakes118

Files

4c1d3fe6fc9f35c25f8b6d02e9e49709_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnCHookCWindow
ge4gdcfsd1
ge4gdcfsd2
ge4gdcfsd3
ge4gdcfsd4
ge4gdcfsd5

Sections

CODE
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ