0359ca52686c74d293d8037b377b4bad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0359ca52686c74d293d8037b377b4bad_JaffaCakes118
Size

57KB
MD5

0359ca52686c74d293d8037b377b4bad
SHA1

81409add6919e753ca0781298768fa7a6751a3de
SHA256

ad6c00fc3a7a1f4b3c30812d4bbbade3141cd9d86d2d63a8ca7ce7ca501c6ed6
SHA512

60f9ef00c92127042280ea11b4e65f33bb035c108b05c40769717c3c71557bd2ad121f54651f997d1ddd7ddb7fb5e1b48010caa8699196c427f89575f528ff5f
SSDEEP

768:XxjDQp6DsOfL62l8ovO8PP5xMdUYjrqcQK20E4p8lqLgQ7IPW6XRhUBpSklXq3bR:BfQAl+7ovOA5bYyK2L3lY7IP1XjuI+W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0359ca52686c74d293d8037b377b4bad_JaffaCakes118

Files

0359ca52686c74d293d8037b377b4bad_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d789bbd14d9363f075bb8a0efcaa628b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

time

user32

UnhookWindowsHookEx

advapi32

RegQueryValueExA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE