0a0d0cd92786969ffd6bb5b4c97431d0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a0d0cd92786969ffd6bb5b4c97431d0_JaffaCakes118
Size

66KB
MD5

0a0d0cd92786969ffd6bb5b4c97431d0
SHA1

c02e115905f5ebc7778665a946c5a707bdecd859
SHA256

33ce59497be2a8a8613c51ea5c3db2aeab48b225a7ca203d1596ce90644c48ac
SHA512

331b0ed3ea8e403bec041bc5dec5df2572d80311f5dac7e63e964bb0f8ee0cacd9345beb90c73de133a8390a9976c2df7a89bdcdb7b9b1ea46d8ef055f3ed624
SSDEEP

1536:iFzN559FO7RjveALQDVlUq5qa6reaHHbzq+H+M8l5oUlf+fYQn2:gzPsRjvPQZlN5qfrfq+HR8voUp+f/2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a0d0cd92786969ffd6bb5b4c97431d0_JaffaCakes118

Files

0a0d0cd92786969ffd6bb5b4c97431d0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ed07c85613693a6fc23dd15c1255325a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_strcmpi

iphlpapi

GetAdaptersInfo

gdi32

BitBlt

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE