d0dd38dae5899080ad6651253109e78f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d0dd38dae5899080ad6651253109e78f_JaffaCakes118
Size

66KB
MD5

d0dd38dae5899080ad6651253109e78f
SHA1

c6099d0c71630584a58a7d6b5c1a9e0b37368c97
SHA256

a8ddf9d263fbf580df68975a2abaf75f2ce7bc478fbb3be93a17cd0bcff839e4
SHA512

d6d88b679a7558b6473630b2c7bb7465d34705baf8e37e0daf02a0da55a0f72412f6e1fc6140220ce11b8ebc0a0538f19fd6f1c153c1a48fb3fcc7a617ad4a65
SSDEEP

1536:Zwoq+LsVXP39iLxQFZ457DIl2cKhlHTXVUhh/LLxC:ON+oVXFiLxb57clPkHTF6/Ls

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d0dd38dae5899080ad6651253109e78f_JaffaCakes118

Files

d0dd38dae5899080ad6651253109e78f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f6372546361ed1ca3457e353ab257a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE