fd44a615908dbee5377b7d3781539aaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd44a615908dbee5377b7d3781539aaa_JaffaCakes118
Size

66KB
MD5

fd44a615908dbee5377b7d3781539aaa
SHA1

6161d734a3d73df21ac35987c2eed2a2674c6c4a
SHA256

ac59a55dfc4de075b4af8a4314565513d308155f6591a5d09ab850f45f1f0a55
SHA512

96d1786367540f8b8d55467c9f5b645de1763c49f8a8a122513a60c50614c428d39e473c5278f42ef3fac61a985a4f89cb6ad680ee380b480c3a87a1503f539e
SSDEEP

1536:0tu5k72pHSnPaGnLB/z9ZU7qVecUVgsxIXhpzQ:0tZ72pQiGn5QWVgVgsxIx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd44a615908dbee5377b7d3781539aaa_JaffaCakes118

Files

fd44a615908dbee5377b7d3781539aaa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dfeb6e9b27b58bb8134b40101257de58

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

strcat

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 14KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE