db36c682615577d796fbdac7ff78f757_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db36c682615577d796fbdac7ff78f757_JaffaCakes118
Size

78KB
MD5

db36c682615577d796fbdac7ff78f757
SHA1

fd10c2a8ec90207b2ae33c453dd1fa54edde416c
SHA256

2db523ce6ec7ae558c7dd565c95e7835acfc4347b032e294ddd25632c5115867
SHA512

829cc70fde0140390e15ddae029ef8034bc16102c78780336a08d5af56acb46d43838302a91ae2baaf3e4227fab26337b791f8ce638c075c24a154e575992c3c
SSDEEP

1536:XeGhUZS1tMQy5WeWj3WJ07rHDXvByKjBrYFKrKGanEuPmbXKvk0pxjqk:uYUdQygGJ0P0sBrvrKbnVOLKvJpxjl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db36c682615577d796fbdac7ff78f757_JaffaCakes118

Files

db36c682615577d796fbdac7ff78f757_JaffaCakes118
.dll windows:4 windows x86 arch:x86

184d5e017a9373dd0dd64c61e3fc48a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

memset

gdi32

CreateDCA

user32

wsprintfA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE