d7bce7dc29f9c05fba85e2922583c0cd_JaffaCakes118

General

Target

d7bce7dc29f9c05fba85e2922583c0cd_JaffaCakes118
Size

114KB
MD5

d7bce7dc29f9c05fba85e2922583c0cd
SHA1

95a82ccfdad81f093dd63a4e64b6449ec518db23
SHA256

387aed56da6bf8cc2a2be6be910747e14380408689ef011227b4bec12fb1ecb2
SHA512

21a51f566b342fb41a38b8f1aa4ab081159ee51ee7fe6bdea6c4d93ca8c374509e3db35ff2c5d0641d6e5202a70a4dc4c8045585d3f0a4f31a3d497d148bca8a
SSDEEP

3072:oYltF2ixWmZLprvw5EL0WHRVUlvw3ypP5:dltwKDvwEZxilvn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7bce7dc29f9c05fba85e2922583c0cd_JaffaCakes118

Files

d7bce7dc29f9c05fba85e2922583c0cd_JaffaCakes118
.exe windows:5 windows x86 arch:x86

8ebfcc86c2db0d6b6c6194bd7e7df195

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cmutil

CmAtolA
CmMalloc

advapi32

RegCreateKeyExA
CryptSignHashW
RegSaveKeyA
InitializeAcl
GetUserNameA
RegOpenKeyW
RegDeleteValueA
RegRestoreKeyW
RegCloseKey
OpenEventLogW
RegEnumKeyA

untfs

Format
FormatEx
Chkdsk
Extend
Recover

certcli

CACloseCA
CADeleteCA
CAEnumNextCA

kernel32

FreeConsole
CreateFileA
ExitProcess
VirtualAlloc
WaitForSingleObject
OpenWaitableTimerA
LoadLibraryA
LoadLibraryExA
CloseHandle
GetACP
WriteFile
SetCurrentDirectoryA
GetFileAttributesA
VirtualQuery
GetCurrentDirectoryA
OpenSemaphoreA
GetShortPathNameW
CreateJobObjectA

cfgmgr32

CM_Add_Empty_Log_Conf
CMP_Report_LogOn
CMP_Init_Detection
CM_Add_IDA

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.udata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rlo�
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8ebfcc86c2db0d6b6c6194bd7e7df195

Headers

DLL Characteristics

File Characteristics

Imports

cmutil

advapi32

untfs

certcli

kernel32

cfgmgr32

Sections

.text Size: 27KB - Virtual size: 26KB

.udata Size: 2KB - Virtual size: 1KB

.adata Size: 75KB - Virtual size: 74KB

.rsrc Size: 6KB - Virtual size: 6KB

.rlo� Size: 2KB - Virtual size: 2KB

.text
Size: 27KB - Virtual size: 26KB

.udata
Size: 2KB - Virtual size: 1KB

.adata
Size: 75KB - Virtual size: 74KB

.rsrc
Size: 6KB - Virtual size: 6KB

.rlo�
Size: 2KB - Virtual size: 2KB