d4ec245ee3f68d2169b587a7860801ea_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4ec245ee3f68d2169b587a7860801ea_JaffaCakes118
Size

63KB
MD5

d4ec245ee3f68d2169b587a7860801ea
SHA1

e175e3c218840076098f769e738fda514bf7c8dd
SHA256

739e0b836a90756a04cb3ca37c913e5feeca428b98ae1a22c6fef60602aec575
SHA512

f9e6c204f01e1dba6986ce4650eeeca3213ba4ba292a385491e5f234ce783cc529da543d6f7db5091d99f4a6f8fb0509d74ac3d2d439482002d50729df2832b6
SSDEEP

1536:uwoq+LsVXPTt5mTiEAA9Xl16+JuTHvVO101uF8ZEA6kLS85omk:hN+oVX2NV9Xi+JPEuFeENMOmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4ec245ee3f68d2169b587a7860801ea_JaffaCakes118

Files

d4ec245ee3f68d2169b587a7860801ea_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f6372546361ed1ca3457e353ab257a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE