432db79f1409cee4ef30f5994523d5a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

432db79f1409cee4ef30f5994523d5a2_JaffaCakes118
Size

63KB
MD5

432db79f1409cee4ef30f5994523d5a2
SHA1

80ff0e50fe8471afb9264895ed27c1c4b7700aac
SHA256

b8f22d17426561d8eb09d2f30fc69cf5126537050ffb3d5a0945de27778ee3c4
SHA512

1afb563973ddcf62c4905b2459fc4501d10e63e41b1fc639334c0298076cb0aae184527d57326b3dad3acba08648efd1a7ec4b015a6283d2263e257212dc694c
SSDEEP

1536:n2NNyGkHjkDzELuOtiN70hHNhu/wyPYZVopS4c8dIg/SG+Yjt:nuAGWIz8iNghHUPYYUt8dN+Yx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
432db79f1409cee4ef30f5994523d5a2_JaffaCakes118

Files

432db79f1409cee4ef30f5994523d5a2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b09e9d40faacccc80f5064ec04df674b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_vsnprintf

gdi32

GetDeviceCaps

user32

GetWindowRect

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 15KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE