ea5c5382f2806eb8c6bfb73ce0f96615_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ea5c5382f2806eb8c6bfb73ce0f96615_JaffaCakes118
Size

69KB
MD5

ea5c5382f2806eb8c6bfb73ce0f96615
SHA1

171a37346a82ac8db3e320f2a27588339e4061cf
SHA256

7a8636ad33dc85095bd3bccd28a8e080f148a157f7d2722c2850588fe8481088
SHA512

08193abfd252c6f8a3f38751c3a321be5b5b7528a52df2c55371d52f4b36775a372e21a8336794d5a73345114ae9b0bee553e9ac3e733a4865e6becf08a799b8
SSDEEP

1536:n2NNyGkHjkDzELuOtT25216OoMRe62ykeXEtw2YFrGosUsrEupLkaRpZsn:nuAGWIz8Tr16NMs62y7LBZ6DLon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea5c5382f2806eb8c6bfb73ce0f96615_JaffaCakes118

Files

ea5c5382f2806eb8c6bfb73ce0f96615_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b09e9d40faacccc80f5064ec04df674b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

GetDeviceCaps

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE