32ae984b119e7dacb39019f4d3e18e84_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

32ae984b119e7dacb39019f4d3e18e84_JaffaCakes118
Size

77KB
MD5

32ae984b119e7dacb39019f4d3e18e84
SHA1

69b467e193bcc7ad494c676c18cc7d6235a0c06d
SHA256

c9f9810bb9d468da8a971e2692b4762b14ee09f08b43c7dbf627190ad0029179
SHA512

2af69712de582e4b7704e8547d6318e024346bef0323979befde3af365560af042bc35075e8c0f2d5b9455727e1021ef342d48b5d11dab710fcde0e431ddf60d
SSDEEP

1536:ApcvBq2h8vA0tGJUvTY+j4vrd/wsyFekwFFGsQKW7ob47r1kna3:Ap+hL31+WrZwjeup3ob4H1ka3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32ae984b119e7dacb39019f4d3e18e84_JaffaCakes118

Files

32ae984b119e7dacb39019f4d3e18e84_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b10c87a3425ac01609aef2e3e950ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdi32

DeleteDC

msvcrt

srand

user32

GetWindow

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE