94c64198dc8e8155bb235cbc454b9d81_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94c64198dc8e8155bb235cbc454b9d81_JaffaCakes118
Size

65KB
MD5

94c64198dc8e8155bb235cbc454b9d81
SHA1

d4a4904882d519e9bc44dc83ff1a1027570cd666
SHA256

473fa6cb725a969a90a76c45024ad858a3ec86afbb0cad623b08ae9f9fdf501e
SHA512

fa98d4113ace2e07814319be2129a84a7e6294fd86ae65145e04156270b5544f32bfef9e572dbece033afa05662110ef1ef86caeb75146a00101fb2a78ddae1e
SSDEEP

1536:JpcvBq2h8vAb/+xp/f36Wony1bN0L6o4R/EGTGGd1iJE0lgl/A:Jp+hLb2xVf34sNYMd1m7ql/A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
94c64198dc8e8155bb235cbc454b9d81_JaffaCakes118

Files

94c64198dc8e8155bb235cbc454b9d81_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b10c87a3425ac01609aef2e3e950ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdi32

DeleteDC

msvcrt

srand

user32

GetWindow

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE