3d6c2c410f7e4fc67a9057db54b1f115_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d6c2c410f7e4fc67a9057db54b1f115_JaffaCakes118
Size

58KB
MD5

3d6c2c410f7e4fc67a9057db54b1f115
SHA1

fc5d9192ed44fd393883abfddb0b271b151ae747
SHA256

ab8cac4cb3b5a800979c9f852a6f6d6ffe72f57e1b0adeb3300d2bb8f8857466
SHA512

a5379ca4444bd1010c9559295e8f82498175e079cb4a26b10a8292f55b29cd029957aefa005feeccf3d0d601f25e2d9a03d1d347075451471e090effa8320df5
SSDEEP

1536:Zwoq+LsVXPzxmV6P3WJtb1CjasS2SFjY3ugNiIs1wCg/:ON+oVXLxg6OJtb1CjaB2ZdNiN1Rg/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d6c2c410f7e4fc67a9057db54b1f115_JaffaCakes118

Files

3d6c2c410f7e4fc67a9057db54b1f115_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f6372546361ed1ca3457e353ab257a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_stricmp

user32

GetWindow

gdi32

DeleteDC

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE