3f01c75d5b8dd1df056b1f083ad422a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f01c75d5b8dd1df056b1f083ad422a9_JaffaCakes118
Size

77KB
MD5

3f01c75d5b8dd1df056b1f083ad422a9
SHA1

eb4384890ae242bd8c31bbb6f2b85804d510bf4a
SHA256

d2c79c101c52945045f858246d6340eec408210f3be34e9c7e900fe43e2218d9
SHA512

8134b2f0b54ff8fd9950b2eca5f7b42815afdd21df2d88f4a900e413f44babf0e8e4c4efe3e510f436fe18e54a6d28dcb971a76476c72f61b977766168833ef2
SSDEEP

1536:S+1Bv8e8sV0CP7r540B16Y+JlFd+C3+EGbw64nsuW3cAtAIXL:SA1z8o7r5nKj+C3+EGc64nxW3ccjL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f01c75d5b8dd1df056b1f083ad422a9_JaffaCakes118

Files

3f01c75d5b8dd1df056b1f083ad422a9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

988f21150e7a956cf6cb90e64604c5d7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

DeleteDC

user32

GetWindow

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 14KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE