14b26437ea713edc2f86d5870022fbfa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14b26437ea713edc2f86d5870022fbfa_JaffaCakes118
Size

79KB
MD5

14b26437ea713edc2f86d5870022fbfa
SHA1

cc6d5a36932fa92ad48bd5183fa0c5c9e2a56732
SHA256

bca34a16ed9c90d8bbfca49a1409e51ea805fb37484bbe3889a56afa7d2670e3
SHA512

3a806aa7acc9808b3c6770f2722b4015963f434c582f0e4c9e418dcbfd7f35caca98d74dce195127d98d5d5a12ab5440b8de1ab2dd522ff6b59f88b348ffe077
SSDEEP

1536:n2NNyGkHjkDzELuOtiadtcfFHJF6NzlDSH1FUy5RWJ5dGXhy3Tox:nuAGWIz8ddefF36N5DiUp5Ky3Tox

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b26437ea713edc2f86d5870022fbfa_JaffaCakes118

Files

14b26437ea713edc2f86d5870022fbfa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b09e9d40faacccc80f5064ec04df674b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

GetDeviceCaps

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE