52fb67bf07618a67be3e71e661ffb37a_JaffaCakes118 | Triage

Sharing

General

Target

52fb67bf07618a67be3e71e661ffb37a_JaffaCakes118
Size

50KB
MD5

52fb67bf07618a67be3e71e661ffb37a
SHA1

2d8a56256aeb51dfc51fbe1d2760916689d1d5f5
SHA256

a5564a62b735013b7000481ec334399fe50b3885eadb841a2ad9f0754b93a967
SHA512

ac896407aace041082f9610c4ae56955d9ebd531772acf90163eb075b6367efa10dd06e0e377d78329227acf6dcc95c9388a8ac3708e233d6f9373d6df60d170
SSDEEP

768:eikuw0NTjyaxa9QvTNHmb3W1YAkPMVCl7TbswxDNzk5VWzQzXq9fGAAVJ0N1nv:er0NTjyaXbRm77NpofTqxGAAVJ0N1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52fb67bf07618a67be3e71e661ffb37a_JaffaCakes118

Files

52fb67bf07618a67be3e71e661ffb37a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f98e470a9a50f370f701a1bdcccafcb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

fseek

gdi32

CreateDCA

user32

wsprintfA

Exports

Exports

CancelDll
LoadDll

Sections

.text
Size: 13KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE