2385810e17f99932c120fe1a612b7f32_JaffaCakes118 | Triage

Sharing

General

Target

2385810e17f99932c120fe1a612b7f32_JaffaCakes118
Size

68KB
MD5

2385810e17f99932c120fe1a612b7f32
SHA1

c6a21b54c0465e8379fbbdae39fd887f3423df5d
SHA256

95b30cbcb1a9aa409751a88eea41850658ec6ee0888d71a8111e215242337c65
SHA512

ca1ff1b9e6c660ac098a905e17fa87338d28a65ddfd0c9b0ba47b5618ea2fd4c9812d10d654383f52f16d9baab31771a9a2424b130c88d04f77b0935e21870dc
SSDEEP

1536:Zwoq+LsVXPTRX08/n4HwaMAxnfQOpvxim+00/DNReQe2:ON+oVXLRX08w9MAxn+PLNle2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2385810e17f99932c120fe1a612b7f32_JaffaCakes118

Files

2385810e17f99932c120fe1a612b7f32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f6372546361ed1ca3457e353ab257a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE