8ef942e22a85522ed86cbd4826178315_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8ef942e22a85522ed86cbd4826178315_JaffaCakes118
Size

69KB
MD5

8ef942e22a85522ed86cbd4826178315
SHA1

9fca9ad4c9857f98b05b843efd06defcf4378a9a
SHA256

2238e1a779a6f4e5d727a7da5821557f30fa65afd0283df12b9f60fc5ae90061
SHA512

dac7f9ebbf4b8de404ef9e99a2089bd03747f65012ba7e9f9c17285fc36cb357d6f2cef68bc12dfee59391177f1f0abef00a1b9b44b4371dfd934736cb3dc611
SSDEEP

1536:ApcvBq2h8vA0t+RGkTspSsVxV5ZglaMEOkzs/I18:Ap+hLHGkTsk+rKaR5s/Ie

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ef942e22a85522ed86cbd4826178315_JaffaCakes118

Files

8ef942e22a85522ed86cbd4826178315_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b10c87a3425ac01609aef2e3e950ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdi32

DeleteDC

msvcrt

srand

user32

GetWindow

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE