c93f5d9f650b15876d272529f133071a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c93f5d9f650b15876d272529f133071a_JaffaCakes118
Size

39KB
MD5

c93f5d9f650b15876d272529f133071a
SHA1

daa739a1e4f824e70bb8f45072f3b1d079291fa6
SHA256

f2b6f14117d6a6c049200e41a9dce6dedb87a565a4e26151f1ee2e9b34429909
SHA512

c21eb95c3df523c281017a3a4f27e2f6ad455c8a1176a69c81aebe4da397b39328695c5034e9069cdbd462c0d309c606f77226ff085cd58aa608c0f973f6168f
SSDEEP

768:k3fDHnEqbkJ4WWF4iw2P0rcxj/BwvsbedtgmFp21M3uBTCk:kvwqbkJwF4ij1KvsbedrF01M3un

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c93f5d9f650b15876d272529f133071a_JaffaCakes118

Files

c93f5d9f650b15876d272529f133071a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

fef84a8c770ef5b8916b3d2a8a5fff08

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindAtomA
VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualFree
AddAtomA
FreeResource
FindResourceA
SizeofResource
LoadResource
LockResource

user32

UnionRect
wvsprintfA
UnpackDDElParam
ValidateRect
WinHelpA
WindowFromDC
VkKeyScanExA
UnregisterHotKey

advapi32

CryptSetProvParam
CryptImportKey
CryptDestroyKey
CryptHashData
RegConnectRegistryA
RegEnumKeyA
RegFlushKey
RegOpenKeyExA
CryptEncrypt
RegSaveKeyA
RegEnumValueA

Exports

Exports

emftvb
geihiavxd

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 969B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 262B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ