a50a74ec1773b83ea5af89e402c4a07d_JaffaCakes118 | Triage

Sharing

General

Target

a50a74ec1773b83ea5af89e402c4a07d_JaffaCakes118
Size

524KB
MD5

a50a74ec1773b83ea5af89e402c4a07d
SHA1

d47308232b290e52499e0fce7ca6f6ab46b15277
SHA256

f9aace1f4c42854e835b327ea3cb6f70450b1bddc11a019c219c34ecc2bb8f34
SHA512

1e76ce531e28c627b036c31a8e17a63a5882408f71218c88d2f79640d4baf5402d697449562531bbe47de0a35d916f91be4972e48db5699efb6e7d5dfcbef9b5
SSDEEP

384:GyVlNjtU2eSMppfC9rg6hat1OW+AczO94ydqPAwGdzrZRQmhL:LVl2fB6st1/cygGxrZGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a50a74ec1773b83ea5af89e402c4a07d_JaffaCakes118

Files

a50a74ec1773b83ea5af89e402c4a07d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnBHookBWindow
ge4gdcfsd1
ge4gdcfsd2
ge4gdcfsd3
ge4gdcfsd4
ge4gdcfsd5

Sections

CODE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ