b72da4b9b10e322df306cc180ed064b5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b72da4b9b10e322df306cc180ed064b5_JaffaCakes118
Size

29KB
MD5

b72da4b9b10e322df306cc180ed064b5
SHA1

58495ea40868c28eb256a6f2c3844758c7e482eb
SHA256

fdc9c52a5f2751f6da3e7ffe95ad90f9d6e2867df4f1632c81b59141d06bcda8
SHA512

bb284e456124ee1bec8243102c5d7406d593cca45eceee2d132d9143d352885e23fa69685fa96e7211d36cdcb5bb2daeafd34ba9320075ea445531f968561c5f
SSDEEP

384:J4PB4zFmBqNEH8V5jJtERih2eqb8aDjV8qLMZL4XI5w004XCtNN8eDyQrwcSLU6y:J4Pov40hl8bn+W00WCtfmoMhMdb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b72da4b9b10e322df306cc180ed064b5_JaffaCakes118

Files

b72da4b9b10e322df306cc180ed064b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9234fd4883ba713a7215d746db0bdcf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnumResourceLanguagesA
ExitProcess
GetACP
GetCommandLineA
GetDateFormatA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
HeapAlloc
RaiseException
RtlUnwind
SetLastError
TlsSetValue
VirtualAlloc
lstrcatA
lstrcpyA

user32

SetCursor
SetFocus
SetMenuInfo
LoadImageA
EqualRect
DrawStateA
DrawIcon
DestroyMenu
CreateDesktopA
ActivateKeyboardLayout
CloseWindow

advapi32

RegOpenKeyExA
RegQueryValueA
RegEnumKeyA

setupapi

SetupFindNextMatchLineA
SetupFreeSourceListA
SetupGetInfFileListA

Exports

Exports

Mhdxdegvx
Qkat
Uidemj

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ