cfc48a178761663c74be6a6e96f6078e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cfc48a178761663c74be6a6e96f6078e_JaffaCakes118
Size

39KB
MD5

cfc48a178761663c74be6a6e96f6078e
SHA1

59d763015e176b434586e17a2be194bef6b11ad8
SHA256

58fe20fa6564e7f4c6d0fa31ded34a38c8b23298c367c82cec4a0b4530507e44
SHA512

3082bb040dabb0b5487534fac04556a7074781ea305564a9d54fa88d95acac0dbc8ac7bcc11ff96806fba16da679440a22c01aab1cb769b6d749a2b6b503a1e4
SSDEEP

768:k8tAZ4Wsb70d+kJaCSJatLnIzd4HrWZTDo7o41xZEC/f6Yjvcw:kg44WIYd+G4wLnIz9ZTDm91kifFjvcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cfc48a178761663c74be6a6e96f6078e_JaffaCakes118

Files

cfc48a178761663c74be6a6e96f6078e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

3ca85fb6d628cd2c8c76d5760d5df0bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeResource
VirtualFree
FindResourceA
SizeofResource
LoadResource
LockResource
FindAtomA
GetModuleHandleA
AddAtomA
GetProcAddress
VirtualAlloc

user32

WindowFromPoint
UnpackDDElParam
WinHelpA
UnionRect
TranslateMessage
UnregisterClassA
VkKeyScanExA
WindowFromDC
UpdateWindow
VkKeyScanA

advapi32

CryptDestroyKey
RegCreateKeyA
CryptSetHashParam
CryptExportKey
CryptCreateHash
RegCreateKeyExA
RegFlushKey
CryptGetKeyParam
RegLoadKeyA

Exports

Exports

jbhltjlg
pdtwtrpvxa

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 258B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ