34a03a444e78c80b73a9d2d5ce3cb633_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34a03a444e78c80b73a9d2d5ce3cb633_JaffaCakes118
Size

35KB
MD5

34a03a444e78c80b73a9d2d5ce3cb633
SHA1

b0b066ef8660d4122f21b8b6dacdd4a29b48fd1a
SHA256

f3c813bb400884d5c7e2954c6e7a2b406e351fa00f94089fa34fd4dda576e1e1
SHA512

a98d647a908d50e860afc8d0ddd9f5878688952d51b16c08c1938250d8dbc49fb250313021f799bba05ef92526c6aa0c6a93a4f25eae339caf27f59c371bd035
SSDEEP

768:WEbGGC7NV52aCp9RmwP/NsxvcMTx/SA7VW0:WuZqVHCp9J3NsxvcS7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34a03a444e78c80b73a9d2d5ce3cb633_JaffaCakes118

Files

34a03a444e78c80b73a9d2d5ce3cb633_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3883f0ed9892d91521f3a4f25c17ecd1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

imm32.dll

ImmGetCompositionStringA

advapi32

RegQueryValueExA

user32

GetKeyboardType

oleaut32

SysFreeString

Exports

Exports

GetPluginInfo
GetPluginResult
GetPluginRun
PluginFunc
PluginStap

Sections

fgrt
Size: 21KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fetui
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hpqer
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ftuk
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MaskPE
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE