d4cd98f359fe4d33ab4edc2ba7c11fae_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4cd98f359fe4d33ab4edc2ba7c11fae_JaffaCakes118
Size

88KB
MD5

d4cd98f359fe4d33ab4edc2ba7c11fae
SHA1

ffb2272b0f88ecba1b235587e6d930d1510b6bea
SHA256

221207fe9565119d9b468efb5c951abe06fdae532dc277fef701d1837012fded
SHA512

f595dfcf8c5b6df43228ed4ffdb7b662b794338b7ae9bc4d7ec7ed403d6df7aaf78bbba1e2b29595245fd64cad25dce3d3a5ce826040f537d93fffe364b4f483
SSDEEP

1536:iFzN559FOeBPP75KRZ8mKgk/dtZq5gTrb9GJYt7b4VywP/NSHTrbDi2t6C2cvJPs:gzP1X9KX8H/dtZZRZ7b4VrVsTfmm6Kv+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4cd98f359fe4d33ab4edc2ba7c11fae_JaffaCakes118

Files

d4cd98f359fe4d33ab4edc2ba7c11fae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE