34f13a727a6123294b3ca9237297dfaf_JaffaCakes118 | Triage

Sharing

General

Target

34f13a727a6123294b3ca9237297dfaf_JaffaCakes118
Size

40KB
MD5

34f13a727a6123294b3ca9237297dfaf
SHA1

c285151e9a93646e7cb389cfc63d7452c4116582
SHA256

3f1b65e59b5ed247c5fd81703e277763ec9830f4567c083944e92230e70f8cf6
SHA512

4adbbae8297c6b3f8de2f80fa15d026b491e63ae9c2c3426aecf28cd11e9743221b670dc25cdf16375d5bf611f7107ab2483184d98aaa7cb41e89164c38dfb90
SSDEEP

768:FuFpaslXIZE2xAEM9/1wAqy28ZqMbTdqM96p8M6wKsApjoXm:kFgsREp2/iNhqQM9RwpAd3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34f13a727a6123294b3ca9237297dfaf_JaffaCakes118

Files

34f13a727a6123294b3ca9237297dfaf_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3d150a50bb31a2992161ae93a916c859

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
SizeofResource
LoadResource
LockResource
VirtualFree
VirtualAlloc
AddAtomA
FreeResource
GetProcAddress
FindAtomA
GetModuleHandleA

user32

WaitMessage
WindowFromDC
WindowFromPoint
WinHelpA
ValidateRect
wvsprintfA
wsprintfA

advapi32

RegQueryValueA
RegUnLoadKeyA
RegCloseKey
CryptDeriveKey
CryptGetKeyParam
CryptGenKey
CryptHashData
RegDeleteValueA
RegSetValueExA
CryptSetHashParam

Exports

Exports

slmygp
xbzsufxnq

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 903B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ