360755b013f0ea2f17ca86ed8f8640bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

360755b013f0ea2f17ca86ed8f8640bf_JaffaCakes118
Size

70KB
MD5

360755b013f0ea2f17ca86ed8f8640bf
SHA1

e6e70b37ee80dc4785d6c7aaa4652c74c7c24f13
SHA256

bf5002dca1a57ea8097565106d3f932c8b3f6b8a8672fe997e3b8a5e4fd6f953
SHA512

bf7a1022a5f090c1cab45b9a74c80eb0a9481806cfce15f472752d6fbc58643ba5bd82bb7834d9bf61cb79ffee576412f0522b6673f7078121b717c73a4c949d
SSDEEP

1536:XeGhUZS1t5GJYR/InYxwHWdJ8yN1pCMWFeKiSXJdwfo5gR:uYU5azxEWdWyN1pVaiSX6D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
360755b013f0ea2f17ca86ed8f8640bf_JaffaCakes118

Files

360755b013f0ea2f17ca86ed8f8640bf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

184d5e017a9373dd0dd64c61e3fc48a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

memset

gdi32

CreateDCA

user32

wsprintfA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE