f0bd56a6b9d5c355fa52d238d60d864e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f0bd56a6b9d5c355fa52d238d60d864e_JaffaCakes118
Size

36KB
MD5

f0bd56a6b9d5c355fa52d238d60d864e
SHA1

afc36e1c5ec3b9edfb960a823f1d58640ca45d05
SHA256

4320d574dc83a83838be2300c3dc401c5d8984792212180973d2f923eb934e41
SHA512

4be4ee9c809b1604958c1201911f8d88a03e784b9c2a16af8e28ae49244d373e283f0a05ffd84828e97ef888b10f5ffd912d9c2bb6b692fa5d66437f4f1b4164
SSDEEP

768:tTgC84J6ga+Q/FQdOhajk4VJ8+IZMsXLA+iCREi:Ng46ga+M4jk4VSz6mLAJi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0bd56a6b9d5c355fa52d238d60d864e_JaffaCakes118

Files

f0bd56a6b9d5c355fa52d238d60d864e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Exports

Exports

GetFontName
GetFontSize
GetLangID
GetLangName
GetLangStr
___CPPdebugHook

Sections

.text
Size: 29KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE