730bae7ea921703793300b09e2c616bb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

730bae7ea921703793300b09e2c616bb_JaffaCakes118
Size

63KB
MD5

730bae7ea921703793300b09e2c616bb
SHA1

e1575731b1232f204f4af3faba0bc6d0d6b3b8f2
SHA256

99b0ac25d2cff7149c6a34a7b1ec20abe5d03427778ff09313730072c5201ded
SHA512

62bada572feee3b94b15dc2a83a1fdfc8e12bd8e886c8e9468532beb81b7d1d8bfcb6f21b481b0dfd986ca76b871ac35cf9b5097adb0555b27dd7ffb692d3217
SSDEEP

1536:+fQAl+7ovOUtulMXClNrkKWgV2K/qDCn+YE+gi7:aQAl+p4EMIrkKhQiqDCE+g0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
730bae7ea921703793300b09e2c616bb_JaffaCakes118

Files

730bae7ea921703793300b09e2c616bb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d789bbd14d9363f075bb8a0efcaa628b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

time

user32

UnhookWindowsHookEx

advapi32

RegQueryValueExA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE