068db858322c627e3f6c65d9faa77392_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

068db858322c627e3f6c65d9faa77392_JaffaCakes118
Size

22KB
MD5

068db858322c627e3f6c65d9faa77392
SHA1

3a2bdcca1a876c3c65857a06efc253e9751dc248
SHA256

ea71afccdc2512b64356130056e08650124817260781abf407cfbb03a86cff72
SHA512

79aa50b3d30dc72b560f4496626937e9953375622842f3407351274ade5e45b66d7211800d04ff95e1078ea8ea566a1ce5f017a97d9f00ea149700549ad260aa
SSDEEP

384:b3XZMGGaS3W+uZFxk9D+mC6VNwUKAEBIaeLj8/bwH:b3GxaS3W+uDxbmHVNwM+IheU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
068db858322c627e3f6c65d9faa77392_JaffaCakes118

Files

068db858322c627e3f6c65d9faa77392_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8f354b8a4019af89a85fe44840897eb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SuspendThread
CreateFileA
GetModuleHandleA
SetFileAttributesW
WaitForSingleObject
EnterCriticalSection
GetVersion
FindAtomW
ExitProcess
GetEnvironmentVariableA
CloseHandle
GetCurrentDirectoryA
HeapSize
IsBadReadPtr
VirtualAlloc
GetFileAttributesA
GetFileSize
GetStdHandle
DeleteAtom
DeleteFileW
SetLastError
SetLastError
SetEndOfFile
ReadFile
GetCommandLineA

cryptui

LocalEnrollNoDS
CryptUIDlgViewContext
CryptUIDlgFreeCAContext
CryptUIWizBuildCTL
LocalEnroll
DllRegisterServer
CryptUIDlgFreeCAContext
CryptUIWizDigitalSign
CryptUIDlgFreeCAContext
CryptUIDlgSelectStoreA
CryptUIWizImport
CryptUIWizExport
DllUnregisterServer

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ