086ef0bc0aa1da7cf983815340c3690d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

086ef0bc0aa1da7cf983815340c3690d_JaffaCakes118
Size

76KB
MD5

086ef0bc0aa1da7cf983815340c3690d
SHA1

e7d44424c4946125ed4922708b22cbf03ab0c3db
SHA256

b38d567597f8b8213b964c29d4e31088b70523c0aeeaac3abc7e1fa83a505b2c
SHA512

018f730dbcef3a51b0d88752348103c196489dfb67147551e704c3a3be2ab587fa8779121c41defb5f114b5cb20f2e6fdc5ba0a23c1563d89dfa6e8bf53e6a2b
SSDEEP

1536:/U8rKlqJ15dMdv8IxxMdPtox0gsr17ff+4ONFdRas3xRQVZsVEvDC1K2x//aReBy:/UrmJ7AOeK2x//aghz7+LTX791

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
086ef0bc0aa1da7cf983815340c3690d_JaffaCakes118

Files

086ef0bc0aa1da7cf983815340c3690d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

06c19cec9509159c66f443fa0cb6df2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
RemoveDirectoryA
GetCommandLineW
GetFileAttributesA
GetEnvironmentVariableW
SetFileAttributesW
IsBadReadPtr
SetLastError
Sleep
SuspendThread
VirtualAlloc
SetLastError
ReadFile
WaitForSingleObject
CloseHandle
EnterCriticalSection
GetVersion
ExitProcess
CreateFileA
GetFileType
GetCurrentDirectoryW
FindAtomW
HeapSize
DeleteFileW
GetFileTime

cryptui

CryptUIDlgFreeCAContext
CryptUIWizExport
DllRegisterServer
CryptUIWizBuildCTL
CryptUIDlgFreeCAContext
CryptUIDlgViewContext
LocalEnroll
LocalEnrollNoDS
CryptUIDlgFreeCAContext
DllUnregisterServer
CryptUIDlgSelectStoreA
CryptUIWizDigitalSign
CryptUIWizImport

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ