69862acb7e3be0ffa8da99fe4c872a18_JaffaCakes118 | Triage

Sharing

General

Target

69862acb7e3be0ffa8da99fe4c872a18_JaffaCakes118
Size

7KB
MD5

69862acb7e3be0ffa8da99fe4c872a18
SHA1

e10d24ae4ab115e7ec317458121eaa955a1798e0
SHA256

085f62211e32f86ba39dc2f6f0e6ea343ade0788b2b0f664cd46e15f195a73f5
SHA512

721f98f62ca9fdbcccdb56d1c77dd8339dcc1eaf7dd87d8093a7674df9dc819b4488972b4e228ec28c84553be823fc7593b705621cc5f0249274959c08b58e9d
SSDEEP

96:CXyxEj5Vt/NokTPz5QIH66lFswmB8I3Nx0ZwUDz+Hh9+HLUHoNIgkDKG/:7xENf/Nnb/DA5dx0byHhEHogkW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69862acb7e3be0ffa8da99fe4c872a18_JaffaCakes118

Files

69862acb7e3be0ffa8da99fe4c872a18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5fe37ad5bb6d3b5f283aa1476f02195b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CryptAcquireCertificatePrivateKey
CertEnumCertificatesInStore
PFXImportCertStore
CertFreeCertificateContext
CryptMemFree
PFXExportCertStoreEx
CertCloseStore
CertOpenStore
CertCreateSelfSignCertificate
CertStrToNameA
CertGetNameStringA
CertDeleteCertificateFromStore
CertAddCertificateContextToStore
CryptMemAlloc

kernel32

GetFileSize
CreateFileA
ReadFile
WriteFile
lstrlenA
HeapAlloc
lstrcatA
lstrcpyA
GetTempPathA
GetProcAddress
LoadLibraryA
FreeLibrary
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
CloseHandle
GetSystemTime

advapi32

CryptGetProvParam

Exports

Exports

k
o

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ