165197cc191b41ec0776b74a1bab9f61_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

165197cc191b41ec0776b74a1bab9f61_JaffaCakes118
Size

54KB
MD5

165197cc191b41ec0776b74a1bab9f61
SHA1

c8471118848def48c28619920fc15967e196e89f
SHA256

e1cfcd5a333296c819fff69104cafbc495baf7e5d00f597a5d1f879af05c1c77
SHA512

0cd6694adbcad8f352c91ed793d5db161e15d7cacaf7e1dadcca3f5972cbd7590a7ff83067a2b99099f3f82c510a75b186676209b76cc466908c0f88553bac56
SSDEEP

768:Zwjcfy+4gNsVXFJ2MOtYE+jQFrlQxZo69AuMZ8cbQ9+PBO1OFsz6f31Gc0GTLdwW:Zwoq+LsVXPS+jySJ9jsUJz6P0c9TLdwW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
165197cc191b41ec0776b74a1bab9f61_JaffaCakes118

Files

165197cc191b41ec0776b74a1bab9f61_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f6372546361ed1ca3457e353ab257a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE