0a2e998d58ab56ed712a4c52e92dee5d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a2e998d58ab56ed712a4c52e92dee5d_JaffaCakes118
Size

76KB
MD5

0a2e998d58ab56ed712a4c52e92dee5d
SHA1

4bb03608e46164cea62db99309d22b2f48feb9fb
SHA256

40abf47fc6dc741e84abf6ed80bc034d11b134f6f768f610db8161728ece2587
SHA512

f5c0a85ee20e2fa127bd17dfd464a9336c4483d2b6aaf4d9973ad510f78aecd9a3a192890ec4854094f77289657de9376729568c46f098e8b3a2957c0f7c14b0
SSDEEP

1536:iFzN559FOj3M3nLVCd+JvHPJQ7+4q7QgUsgn88:gzPYMXHpJaAYsgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a2e998d58ab56ed712a4c52e92dee5d_JaffaCakes118

Files

0a2e998d58ab56ed712a4c52e92dee5d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE