bc70a10e49ff79b4404869007730f8e5_JaffaCakes118 | Triage

Sharing

General

Target

bc70a10e49ff79b4404869007730f8e5_JaffaCakes118
Size

18KB
MD5

bc70a10e49ff79b4404869007730f8e5
SHA1

7127083e69caf82792f2350a5eac1c738a1d113e
SHA256

8f93af98e1ac81546578b5ed8496617d73153640e4ea11dc915637bb413f067b
SHA512

f7dc28d6626abb202af2736d73613ac90e63aaf83109b8c765dfb252a9958fee402fe4b440f9ba273f06a7f1e4fefd934a4addc8ed819fbd7ac1ab0b570dcf0c
SSDEEP

384:+au0NKwJNw4hEjiFSX5a0xj6Xyz1SgYYOuW:ru0ZKNXv6C1Su

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc70a10e49ff79b4404869007730f8e5_JaffaCakes118

Files

bc70a10e49ff79b4404869007730f8e5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnHookWindow
Skif4freW4ll
UnHookWindow

Sections

CODE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ