6af9a9fe2d189742697582e8090dd7c0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6af9a9fe2d189742697582e8090dd7c0_JaffaCakes118
Size

65KB
MD5

6af9a9fe2d189742697582e8090dd7c0
SHA1

84a938c28abdf7de987e4e8ef13b875865427594
SHA256

0f4eb6212cedd75068491b39000ab5acfe4b2c5c9d8bcd367cfc0845b9e50e4e
SHA512

0f64b8749fa3ecd0d38d4f87d2d0727c686c7cd9e865c2a60c7f6fd0d6f64fa59b3ee4580956bb3eb273c3346c4314b11ec74fa10641124a340877eb4233338b
SSDEEP

1536:n2NNyGkHjkDzELuOtIf7Pliz7iZcyrC5QhAsq64IWEESs4BiGR5L:nuAGWIz8mdOidSQ1qQWEESsFGR5L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6af9a9fe2d189742697582e8090dd7c0_JaffaCakes118

Files

6af9a9fe2d189742697582e8090dd7c0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b09e9d40faacccc80f5064ec04df674b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

GetDeviceCaps

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE