b9f3ca37f182bbd8e4cb0e2908e8c41d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9f3ca37f182bbd8e4cb0e2908e8c41d_JaffaCakes118
Size

81KB
MD5

b9f3ca37f182bbd8e4cb0e2908e8c41d
SHA1

1778412cab0a296504cd189033678a5bb9cb0b96
SHA256

b6f3389a2034461173af225607498f3794837816195571877cf27eaa6282a0ff
SHA512

c1b1646f755f48162c9e4ae55e29ac21bcb47d9d31ece19e9d876236697f32ef4491dee1aaa1e145a7748898da2efb16259a12be3324071dfd42deb1efee32e7
SSDEEP

1536:6FzN559FOWtCCzQw9MFDNGPDI7BpkGcU/tww3IKJJ7bLPbwadhlVHKBOzbciWk4j:ozPjNaBcDDU/t3tJFMadLVHkGbciWkpO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9f3ca37f182bbd8e4cb0e2908e8c41d_JaffaCakes118

Files

b9f3ca37f182bbd8e4cb0e2908e8c41d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE