882d297c7b2ff0c7da135de0bfcbe2d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

882d297c7b2ff0c7da135de0bfcbe2d1_JaffaCakes118
Size

39KB
MD5

882d297c7b2ff0c7da135de0bfcbe2d1
SHA1

3538ed6e2805484f85a37b2f247c36d27428a5e0
SHA256

a4f29e205473572bfac59cd13c4097e506a0ac82ac50b57af42f34b4ecede9f6
SHA512

06f00477e00bc6b102f63df02de7b8d59057965731be722e622bc46169327047e47a397517c3d73d5b3453a2fe19f513fea55af2c0809b936c05b49a21e5ff29
SSDEEP

768:95byCa4ZfnTIYDwUuDiWfyUazwPGqd073c+Y8N6Fp2:95byCa4BTIMw7myPxd07gp2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
882d297c7b2ff0c7da135de0bfcbe2d1_JaffaCakes118

Files

882d297c7b2ff0c7da135de0bfcbe2d1_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5ac5dcdccfbe37c527ced685ad0507b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
FindResourceA
SizeofResource
AddAtomA
LoadResource
LockResource
GetModuleHandleA
FreeResource
GetProcAddress
FindAtomA
VirtualFree

user32

WaitMessage
UpdateWindow
WinHelpA
wsprintfA
ValidateRect

advapi32

CryptGetHashParam
CryptGetKeyParam
CryptHashSessionKey
CryptSetHashParam
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueA
RegReplaceKeyA

Exports

Exports

dpiklqgw
vlgleoljne

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 825B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ