007b2d7439104ed47de98f8b27b47a9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

007b2d7439104ed47de98f8b27b47a9d_JaffaCakes118
Size

75KB
MD5

007b2d7439104ed47de98f8b27b47a9d
SHA1

5d1983a7622e615cab57c384463268c2b467c4ae
SHA256

648784f8e16d14d3b1ab038071400b45187cb95e6cd76a7a68bcf35072646623
SHA512

f04f2cf0d6de5a2071836aac642bc9d73b245a0722e1459626f453ae8ae60b185da054dbebed6d46d3ebfb5e8cc33d6fbf8498f33067b0fd92b1a325b541b03b
SSDEEP

1536:BfQAl+7ovOvZ/ACZho4NS05fY7VPqXxP+XJhXueVvFSf:dQAl+paCzocA7VAcnXDdFi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
007b2d7439104ed47de98f8b27b47a9d_JaffaCakes118

Files

007b2d7439104ed47de98f8b27b47a9d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d789bbd14d9363f075bb8a0efcaa628b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

time

user32

UnhookWindowsHookEx

advapi32

RegQueryValueExA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE