b26634914dc0dc58ef29bb520feceeac_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b26634914dc0dc58ef29bb520feceeac_JaffaCakes118
Size

39KB
MD5

b26634914dc0dc58ef29bb520feceeac
SHA1

a0fe01ac76c23c0f86feb2b8c97b7eddc3f4e697
SHA256

f3c8300410649bdb05e0449f277cb866a35c70e675536f0b3434f1ba9fc17058
SHA512

247f1762e8169542761a4d86ea185eec3ac193cd11370e581e2a11c9970b428c3cb664679b315f47e0903b3eaa9639485d3c719e4e975552e877e7290b67c6ba
SSDEEP

768:wf+xK+lGKgBIzpf+4YTmEufeRHIdBZ2Wr+MVPqJBxfRj:wGK+XQIFyTFXRIdTH9dE/j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b26634914dc0dc58ef29bb520feceeac_JaffaCakes118

Files

b26634914dc0dc58ef29bb520feceeac_JaffaCakes118
.dll windows:5 windows x86 arch:x86

741b5d55257c3c65913d86297cf660f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
SizeofResource
LoadResource
VirtualFree
LockResource
AddAtomA
GetProcAddress
FindAtomA
FreeResource
GetModuleHandleA
VirtualAlloc

user32

WinHelpA
wvsprintfA
WaitForInputIdle
TranslateMessage
UnionRect

advapi32

CryptGenKey
CryptHashData
RegLoadKeyA
RegEnumValueA
CryptDecrypt
CryptGetUserKey
CryptGetHashParam
CryptSetProvParam

Exports

Exports

fetbvyflp
vnhvony

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 823B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ