fdd5d51a087e6b7933c30922087877d8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fdd5d51a087e6b7933c30922087877d8_JaffaCakes118
Size

525KB
MD5

fdd5d51a087e6b7933c30922087877d8
SHA1

69dd2211c87af11d28de9efc42b75724423d9fd4
SHA256

051a274c5d38eab3937a2d7918422ba79d6f8527ef752f2d54eda7639bde104d
SHA512

00ffc9c253463e42af7e7ff5ec34cd94d0c48318a3c0b68fed5460a945525bee3703166a25183b3140f8697275c618ec4e5f05785625f3e7340c5424f17d597e
SSDEEP

384:7SdD9d6GoHI47YuX9AWHvE5M6+1mr69J7JCP7HsE13+zQnXkUPXq4:uAIWhH85MMgxJCPWQnXk8t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdd5d51a087e6b7933c30922087877d8_JaffaCakes118

Files

fdd5d51a087e6b7933c30922087877d8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

EnCHookCWindow
ge4gdcfsd1
ge4gdcfsd2
ge4gdcfsd3
ge4gdcfsd4
ge4gdcfsd5

Sections

CODE
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 5KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ