6915a505ee074b7ad03211d774339d18_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6915a505ee074b7ad03211d774339d18_JaffaCakes118
Size

520KB
MD5

6915a505ee074b7ad03211d774339d18
SHA1

19ca97d794869e2d73f67df64622aa292a8db8c2
SHA256

9646a8bc8e2f9a243109bdd61bb7a83b3a809af0acd52be8d8ef28b64f708a10
SHA512

3c8e4b316cf8a47ba221b3efc4e7592ee136629ea80d1af85afc03eb13db05db0fb85b7275937b8b441fdbc6c98ef1372720953f29b2b4ac42e75fd9d4794461
SSDEEP

384:F3pdNjtU2OwJkRRo3f66kLHtCiX0qWXomhwa4zR2ukdW/s:F3pdx2R6kBhEqgo6gR2ukYE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6915a505ee074b7ad03211d774339d18_JaffaCakes118

Files

6915a505ee074b7ad03211d774339d18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnBHookBWindow
ge4gdcfsd1
ge4gdcfsd2
ge4gdcfsd3
ge4gdcfsd4
ge4gdcfsd5

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 196B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ