d13793269086295e6a7680f32a3e2556_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d13793269086295e6a7680f32a3e2556_JaffaCakes118
Size

61KB
MD5

d13793269086295e6a7680f32a3e2556
SHA1

2ae4899b40dd01cd86fbca51988db21ecdf8e1b7
SHA256

a6be9bc95daae2c27824dc7df519663162210d15e05432d7819f71bf2ce178fc
SHA512

7b5a7886a1028b3ef26bf09ebb49f4c8a5eea2a3c51e088b6f52ac81ebca623db936d4352deb3dabb85e9eccb5e3dd455ea264869797e6cbcb98372942871ea6
SSDEEP

1536:iFzN559FOI/accaoTl+upQdek/XSZl7ldSLOZj4:gzPva5aoTe/XSZdXSL2j4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d13793269086295e6a7680f32a3e2556_JaffaCakes118

Files

d13793269086295e6a7680f32a3e2556_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE