bd7424c3cb48395f27dd379656ec9806_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd7424c3cb48395f27dd379656ec9806_JaffaCakes118
Size

8KB
MD5

bd7424c3cb48395f27dd379656ec9806
SHA1

003709495ddf3477802086f7571ab4db7225da9b
SHA256

3df53ceaf2a3318fca3be21da9230519ee41e617e91d52308cca23dfbc073749
SHA512

4e2dba8389a2bfc7d9dd6d9fba30be1ad9a880139935eb205b012d1db9b19da5337828caae799cbc3154807ec7832b56c2f81f802832910519cfeeeba191e0a6
SSDEEP

192:4WhjFc5chF21OYNBvhZAVXvbuhMEa2MZaOrixsKtjS1EEuCfB0a1sA:4W1Fc5AF21LljARvbuhMj2G5rixsYjSr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Freeze_Hack_by_Slava-zis_obnova_29.10/Freeze_Hack_by_Slava-zis.dll

Files

bd7424c3cb48395f27dd379656ec9806_JaffaCakes118
.zip
Freeze_Hack_by_Slava-zis_obnova_29.10/AppInit x32(x86) - 㤠.reg
Freeze_Hack_by_Slava-zis_obnova_29.10/AppInit x32(x86) - .reg
Freeze_Hack_by_Slava-zis_obnova_29.10/AppInit x64 - 㤠.reg
Freeze_Hack_by_Slava-zis_obnova_29.10/AppInit x64 - .reg
Freeze_Hack_by_Slava-zis_obnova_29.10/Freeze_Hack_by_Slava-zis.dll
.dll windows:5 windows x86 arch:x86

41e38d5347ae7b137e3d8d29d2b12aff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetAsyncKeyState

msvcr90

_initterm_e

Sections

.text
Size: 3KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Freeze_Hack_by_Slava-zis_obnova_29.10/࠭ প .txt