b085c4c0562b507c2a69d11521522148_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b085c4c0562b507c2a69d11521522148_JaffaCakes118
Size

39KB
MD5

b085c4c0562b507c2a69d11521522148
SHA1

57cc74cbd52fae70dcb87adec29df8c3b29acbd8
SHA256

3b5bd8d817e4cb37271d317234bb2863bc83d99465998a4d46abf22009922c55
SHA512

805004fbddb033cf0983b512d68f920b057b21eaa44214ad1d3f741fce0bee7010d571ae0dcfc28a02bc5e5eb34441ea3b505aaac278a62d88311b56713f5aa7
SSDEEP

768:jmKjzwLFfhwynPZTPBd9g+vdansiUaapqL/67l2IV3W29M4u:qIzephlnPZTPBdmsiUaD/6oE3WYMZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b085c4c0562b507c2a69d11521522148_JaffaCakes118

Files

b085c4c0562b507c2a69d11521522148_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e6e0a9c5d323188d615121bcfa4a9549

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
LoadResource
GetModuleHandleA
FindResourceA
GetProcAddress
VirtualAlloc
AddAtomA
VirtualFree
FindAtomA
FreeResource
SizeofResource

user32

UnloadKeyboardLayout
UnregisterClassA
WindowFromDC
ValidateRect

advapi32

RegEnumKeyA
CryptGetProvParam
CryptDeriveKey
RegConnectRegistryA
RegLoadKeyA
CryptSetKeyParam

Exports

Exports

cukpfcvdk
nevixg

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 759B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 234B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ