3832bb4d66fc6883c2f523a51d4e042b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3832bb4d66fc6883c2f523a51d4e042b_JaffaCakes118
Size

39KB
MD5

3832bb4d66fc6883c2f523a51d4e042b
SHA1

4677b7070a76a449dc6ee4037f552a408a3c04f1
SHA256

420982d1f1347186fba16753c4ea072e25ab1d99f3b6925e2694caeded8784c4
SHA512

eed0f133c60dd88279bd20c5ffddd44deaaa31c2c3c16e387a1c6b75d43c293a2bc4a9eb109377876f00f75d85d4e84bc5d38f2ec106a7fa9053ec973e4e42bb
SSDEEP

768:8K+p+M/TmJhuWFMGLTABtVX+r+LhhbdbRdZaTcN21ww7DMaejy:8K4+wT2cWuoAV+r+lhbdbogwf74ae2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3832bb4d66fc6883c2f523a51d4e042b_JaffaCakes118

Files

3832bb4d66fc6883c2f523a51d4e042b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6e66b3a31de64f9f81b6aabf3d0fc49e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
FindResourceA
SizeofResource
LoadResource
GetModuleHandleA
LockResource
GetProcAddress
AddAtomA
VirtualFree
FindAtomA
FreeResource

user32

VkKeyScanA
TranslateMessage
UpdateWindow
WaitMessage
WindowFromDC
WaitForInputIdle
UnpackDDElParam

advapi32

CryptGetProvParam
CryptGetKeyParam
CryptHashData
GetUserNameA
CryptGenRandom
CryptEncrypt
RegEnumKeyA
CryptGetUserKey

Exports

Exports

brzcu
ikzmncixap

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ