fc39d62b4a8516364b8d7f7d57a89264_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fc39d62b4a8516364b8d7f7d57a89264_JaffaCakes118
Size

61KB
MD5

fc39d62b4a8516364b8d7f7d57a89264
SHA1

1236519aaf6d1bb4ab5e164dfe73512fb59c86ab
SHA256

439c959521fdd1555cbbda0baea6cf989f17659dfaa391e31a2bf46fd25e2fb0
SHA512

53b4dfad5ff0bdffc072d32d8f9b5c173542b533fb051da2831f6cc90507701c51b8aaa380bb87191d04183e9ec15ff033c129e34d68250b573f1a7e35782ce9
SSDEEP

1536:Zwoq+LsVXP7hk3Qe0bDljfzVdNi+OaLgtmCwS3hJkmY:ON+oVXReKDljfZdNi+Oag2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc39d62b4a8516364b8d7f7d57a89264_JaffaCakes118

Files

fc39d62b4a8516364b8d7f7d57a89264_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f6372546361ed1ca3457e353ab257a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE