df3b63a3d47b4feeb33af44b8a4b66a2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df3b63a3d47b4feeb33af44b8a4b66a2_JaffaCakes118
Size

39KB
MD5

df3b63a3d47b4feeb33af44b8a4b66a2
SHA1

3672582d69382d983e315d94a446dc268f85825a
SHA256

b29809a15764478b149affc3c99fe71ce6cf547797986e2b9ff50a231974da1f
SHA512

e71c9dfa833991bab5f011d1b6988fdda54234d9b28f569413d18dd83a1f4fbe9c606e16c5d9d05f0ec0fa84d38ff204f1952e704243602aa6306b3a6052f85f
SSDEEP

768:L4yFHtmsGumYx6QEoacOWTwu4eyXCrQfQTlcaNrVpeETgiBpF:Lv3msGumU6boacd8u4tcAQTzNrbLTT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df3b63a3d47b4feeb33af44b8a4b66a2_JaffaCakes118

Files

df3b63a3d47b4feeb33af44b8a4b66a2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

df1c91d58a02e7748308d65f1f0d8e4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
FreeResource
LockResource
AddAtomA
FindAtomA
FindResourceA
SizeofResource
LoadResource
GetModuleHandleA

user32

VkKeyScanExA
VkKeyScanA
UpdateWindow
wsprintfA
UnionRect
WinHelpA
TranslateMDISysAccel

advapi32

CryptDestroyHash
CryptDestroyKey
RegEnumKeyExA
CryptVerifySignatureA
CryptAcquireContextA
CryptGenRandom
CryptSignHashA
RegEnumValueA

Exports

Exports

dwifm
vedbyadk

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ