cec302a32e7b57b75b0222aa4e443ecb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cec302a32e7b57b75b0222aa4e443ecb_JaffaCakes118
Size

78KB
MD5

cec302a32e7b57b75b0222aa4e443ecb
SHA1

ec303f34306dc4cde43ab5ed8b66a0ba05407bd5
SHA256

3c87e8d34f12f9ebf942dccdd7c2f10eef2a243454f79c5937ee6a9ff961a82c
SHA512

8767ef543e4193b6c1da4f189ce42801f3349ef278a6948a32c6cfa3d4d700ac7c71b8bb4f55d6d2a9b5883296f8bc6f2d2a0b31fd15f68cc932875541d68bcf
SSDEEP

1536:3svIM3tv9aS1Y2xjA7ELjxfBjYa965kWi7VK0PKQar07Hy0N/9jpnc:3sv13tv9a6VA7ELYY65nLC4I799Nc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cec302a32e7b57b75b0222aa4e443ecb_JaffaCakes118

Files

cec302a32e7b57b75b0222aa4e443ecb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e8106a3478d7d9b9d2ff872cba939d15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

DeleteObject

user32

wsprintfA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 14KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE