d04b628143b08c58d2bb4dcb3cfb21cb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d04b628143b08c58d2bb4dcb3cfb21cb_JaffaCakes118
Size

124KB
MD5

d04b628143b08c58d2bb4dcb3cfb21cb
SHA1

5efc54227e0859f7efc528e8fdfdcaf2139cb96e
SHA256

2ea3e0247f015707a300e781182ab8d726e9d89d4c8607d270e7f95fb41469e4
SHA512

7c315cc988dfa717fb9395225f4d2e443aa6c283a09cebc0810b42bd330e2d7e61c2133e0a06a1e8d8789bcd52c4ddaad74526a49f8346ab1382f6a5ad345468
SSDEEP

1536:smrykRYNVl2wD9F/jZHVGyNq7vxS2Jhpk6Yar3jP/WlEXOm43KgYGHrFRSqt:smryIY3lRV1Hk42RrTPulYOmgLFg8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d04b628143b08c58d2bb4dcb3cfb21cb_JaffaCakes118

Files

d04b628143b08c58d2bb4dcb3cfb21cb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d3ea189702c0288a8e6ed83e7081c4e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindResourceA
VirtualAlloc
SizeofResource
FreeResource
AddAtomA
LoadResource
LockResource
VirtualFree
GetProcAddress
FindAtomA
GetModuleHandleA

user32

wvsprintfA
WinHelpA
WaitForInputIdle
VkKeyScanA

advapi32

RegEnumKeyA
CryptSignHashA
CryptExportKey
CryptSetProviderA
CryptGetKeyParam

Exports

Exports

klaqequxdg
ojrvz

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ