65eab068397121f9222df13578a80e0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65eab068397121f9222df13578a80e0f_JaffaCakes118
Size

83KB
MD5

65eab068397121f9222df13578a80e0f
SHA1

02b36b8ad2eaeed462ceb66796b3357d0ea883b0
SHA256

ba988d7a517dd8733b841b2ee04bd275599ac4014233693077950ff4b17f5a99
SHA512

a960887820fb44a180e27c21d17608e99f3688ea5f10d66f79cc98fb976b77a9cfff9adbfec459a20299391faf5ee3cbbae9b33fab763d0d283fed65cf553a22
SSDEEP

1536:iFzN559FO0BbEOFbkj3iVlmFCQzSvxjONnwqunT3i4CFhdpULPj8:gzP7bijSeCQ2vx0w7T3CFh0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65eab068397121f9222df13578a80e0f_JaffaCakes118

Files

65eab068397121f9222df13578a80e0f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE