e160938cbfd12a0b2142cef283d24170_JaffaCakes118 | Triage

Sharing

General

Target

e160938cbfd12a0b2142cef283d24170_JaffaCakes118
Size

39KB
MD5

e160938cbfd12a0b2142cef283d24170
SHA1

8116e4d771abb18a256e338caf7c121c4379a649
SHA256

f0f5e64d21d9105dfcb224f34cd169f97cf7e509d0fa9b7c0939d0c5153a52dc
SHA512

d51ae22a4d6ec4696129b23ca9452e655d436c0d79f36c8b67b38da678418702915577f0ed3d82e02a2fe046f2fa2aa09dd1c4470aeb0cad7e079abe58097e57
SSDEEP

768:TtfdW+9VHsfkos608PRWT2hqS6nLmhHel3h68/oL3jsx2okvWIN1I:pfV/H2P0fqQvnq8l3hn/ojjuD4TI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e160938cbfd12a0b2142cef283d24170_JaffaCakes118

Files

e160938cbfd12a0b2142cef283d24170_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1492620330fd384dfd097461fa7eb302

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LockResource
LoadResource
SizeofResource
FreeResource
AddAtomA
VirtualAlloc
VirtualFree
FindAtomA
GetModuleHandleA
GetProcAddress
FindResourceA

user32

ValidateRgn
wvsprintfA
UnpackDDElParam
WaitMessage
ValidateRect

advapi32

RegQueryValueA
RegQueryValueExA
CryptGetUserKey
RegSetValueA
RegReplaceKeyA

Exports

Exports

ueajuxpfnn
vcdmhblzx

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 747B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 228B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ