16f331bbf5250de73de2cbfbd6087bd0_JaffaCakes118 | Triage

Sharing

General

Target

16f331bbf5250de73de2cbfbd6087bd0_JaffaCakes118
Size

39KB
MD5

16f331bbf5250de73de2cbfbd6087bd0
SHA1

82165e524635f8204fc00cb6d82fd021c57b6824
SHA256

ed80297c924f5c19c54592616b4e73b0da547bb10746d4455bc3ebcc73dfe815
SHA512

21c941f350835d56365b83307b1f314cc81b2858d73adc4c129f506c8fac4803965c36e848f20166dc13012db63ceb17212f52833fc445caebb2ea34bc82cdc8
SSDEEP

768:BfXNZbyn8p/jjUCBIq7UrgF+Tsjw+hBNXP/DW+zrdHaGstMgSK5:BfXNCu4CIqorTPuP/JzrdFgZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16f331bbf5250de73de2cbfbd6087bd0_JaffaCakes118

Files

16f331bbf5250de73de2cbfbd6087bd0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f0d9b87c6ec014a1fe6d61b05c4ecd79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
SizeofResource
LoadResource
LockResource
AddAtomA
FreeResource
VirtualFree
FindAtomA
VirtualAlloc
GetModuleHandleA
GetProcAddress

user32

WinHelpA
VkKeyScanA
UnpackDDElParam
TranslateMessage
WaitMessage
UpdateWindow
TranslateMDISysAccel
UnregisterClassA
ValidateRect

advapi32

CryptDeriveKey
RegConnectRegistryA
RegSaveKeyA
CryptVerifySignatureA
RegReplaceKeyA
RegQueryValueA
CryptGenRandom
RegEnumKeyA
CryptSetProviderA

Exports

Exports

hysyybw
oajrtgls

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ