d3b5f292e33d3b2852cce41b376ac795_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3b5f292e33d3b2852cce41b376ac795_JaffaCakes118
Size

124KB
MD5

d3b5f292e33d3b2852cce41b376ac795
SHA1

a1c681bd320b50f4a9bbce80096c538b06c2f600
SHA256

5222e8faa62f7816ad519e015c7a2705998c0986544877caf7193b6179720292
SHA512

78f04e8bec37ab59577ced6b625e8f6c5869d49036ad176e504e218a45f3c9fc1acd344ad15c222e37de5b618c53ce627be5bee78792e76655a6c65b8767e4d4
SSDEEP

1536:hielcZKoTQeApIZwFly9Q3NFOiLhmV222Gd7dsQjkNUZjmJ+8htiS04AVtVBlwgK:M77Z+jPVmo2Vd7oNUo1tetV2eK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3b5f292e33d3b2852cce41b376ac795_JaffaCakes118

Files

d3b5f292e33d3b2852cce41b376ac795_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9585a72f11c715e5f19eea4bd3889289

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindAtomA
LockResource
LoadResource
SizeofResource
FindResourceA
AddAtomA
SystemTimeToFileTime
VirtualFree
EnumSystemCodePagesA
GetCommandLineA

user32

SendMessageA

Exports

Exports

fkbfvpinxy
gwmxrjgaf

Sections

.text
Size: 4KB - Virtual size: 578B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ