c0e751b5658972c99126bdbda7011476_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0e751b5658972c99126bdbda7011476_JaffaCakes118
Size

68KB
MD5

c0e751b5658972c99126bdbda7011476
SHA1

7a323aa66c5a9f5eb12a5bdd8363d193650ddc91
SHA256

559c4d7df549eac1eca83b080cc43fc9bb5c76c0af50774bf7e0932d18432d25
SHA512

16b4c0def1d6c3d3c8e86d99ee56ccacc32e4d29310dd22a3ce03f153495ba6cc4d70c5a7db4bea05182dd1e784312179b5d0df0ad8c0138bbe3956b316703c5
SSDEEP

1536:JpcvBq2h8vA9tErKGwBVg9wG4vTo6i3jfUD+zfvmXy7K9:Jp+hL9tI0TUwGeTGjfUD+zWi7K9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0e751b5658972c99126bdbda7011476_JaffaCakes118

Files

c0e751b5658972c99126bdbda7011476_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3b10c87a3425ac01609aef2e3e950ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

gdi32

DeleteDC

msvcrt

srand

user32

GetWindow

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE