311a5cec6df22fde85e2520bdab23c2e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

311a5cec6df22fde85e2520bdab23c2e_JaffaCakes118
Size

39KB
MD5

311a5cec6df22fde85e2520bdab23c2e
SHA1

fa51808d5ce80ee83c794f328bd6ecb78110e1cb
SHA256

01876cd20b5e61a7e24f01c0b3f62aea76dd1da4bb7268c8ce1828b170540e42
SHA512

9b232e3770148c59ec4cd151c7994c1b7f3b28a79dc0867986fee85198d63414f9f33a24f1fe92ed6b9e5107e09f02e8cbcf790f959167f2d4129a24836c1dc1
SSDEEP

768:PPKp3uzk7htp5RlOjmjvLvvjhwDEiZT6Fj7EzWunlyGJ8v:m3uy55RFTLvFwDMxunkf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
311a5cec6df22fde85e2520bdab23c2e_JaffaCakes118

Files

311a5cec6df22fde85e2520bdab23c2e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

872f1123b5d7a7358ede6c9cec45ce05

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
VirtualFree
VirtualAlloc
GetProcAddress
FindResourceA
SizeofResource
LoadResource
LockResource
FreeResource
GetModuleHandleA
FindAtomA

user32

VkKeyScanA
wsprintfA
WinHelpA
TranslateMDISysAccel
UnregisterHotKey

advapi32

RegSetValueExA
RegCreateKeyA
RegEnumKeyExA
RegOpenKeyA
RegLoadKeyA
CryptHashSessionKey
RegCreateKeyExA
CryptEncrypt
GetUserNameA
RegEnumValueA

Exports

Exports

buykyyzv
loojezc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 873B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ