739548fc012f9dd0d55962dcf87163dc_JaffaCakes118 | Triage

Sharing

General

Target

739548fc012f9dd0d55962dcf87163dc_JaffaCakes118
Size

40KB
MD5

739548fc012f9dd0d55962dcf87163dc
SHA1

4c8831d549daafc787ae145961d6a074a03d5626
SHA256

6135b70879bd4a7b094ebc3102618ac88d9e4f00b7a6988bc65b00b051da099b
SHA512

f31503a49c8429c72180da922f234e8a3a47a938583504e7c29423696c4aa4617333aa68a5e043c93d106629e42a0cdcaeb31147b798c2b307ab9cf9f6a4a15a
SSDEEP

768:Y00jJOOZKW7KabwqLtoCXuif5Ic9eCRgQCsm9Ou1iAPk/4oepj:Y08u3qSCXu4iuRgj9J1Zm+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
739548fc012f9dd0d55962dcf87163dc_JaffaCakes118

Files

739548fc012f9dd0d55962dcf87163dc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

9a6eee86a60b77e038409a6625a745a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AddAtomA
GetProcAddress
VirtualAlloc
GetModuleHandleA
VirtualFree
FindResourceA
SizeofResource
LoadResource
LockResource
FindAtomA
FreeResource

user32

TranslateMDISysAccel
UpdateWindow
UnpackDDElParam
wvsprintfA
wsprintfA
TranslateMessage
WaitMessage
VkKeyScanExA

advapi32

CryptDestroyKey
CryptVerifySignatureA
RegQueryMultipleValuesA
CryptSignHashA
RegDeleteKeyA
CryptDestroyHash
RegEnumKeyA
CryptReleaseContext
CryptGenKey
CryptAcquireContextA
CryptEncrypt
CryptImportKey

Exports

Exports

rgtnazmn
sgobmodca

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ