08ffa2f96562b28699eae2b809901cf0_JaffaCakes118

General

Target

08ffa2f96562b28699eae2b809901cf0_JaffaCakes118
Size

67KB
MD5

08ffa2f96562b28699eae2b809901cf0
SHA1

d4bf5b0418c81bb43a5006ecbf5b6589984d9ade
SHA256

039b0ab7430873e09f3c7c1c157583914ae5ea6f8c57535e8c7b567d224f6c1e
SHA512

f86f1441bc69f3041e24a75a5a1bf30a35e1404f2669769e389e08b6bfe82091ced99e88137449dc0b4e8aa320f36e05ed6b2c55887106b6525150561e82ee90
SSDEEP

1536:N9WtYYU3zlTCmE7gDOVE/jN3LpOIBSlb3leQUha:nsDUhcxVEbN3LpOgg7Ya

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08ffa2f96562b28699eae2b809901cf0_JaffaCakes118

Files

08ffa2f96562b28699eae2b809901cf0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

49830d00bf7f34650a499a4d795a3a7e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CancelIo
VirtualQueryEx
GetStartupInfoA
GetFileAttributesA
DeleteFileA
lstrlenW
GetCommandLineA
GetProcessHeap
WriteConsoleW
GetModuleHandleA
WriteConsoleW
GetStdHandle
HeapDestroy
VirtualProtect
WriteConsoleW
GetPrivateProfileSectionW
SetEvent
CopyFileA
GetDriveTypeW
Sleep
lstrcpyA

mmcndmgr

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

cryptui

CryptUIDlgViewContext
CryptUIWizBuildCTL
CryptUIWizImport
DllRegisterServer
LocalEnrollNoDS
LocalEnroll
DllUnregisterServer
LocalEnroll
CryptUIWizExport
WizardFree
CryptUIStartCertMgr
WizardFree
CryptUIWizDigitalSign

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49830d00bf7f34650a499a4d795a3a7e

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 60KB - Virtual size: 59KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 80B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 60KB - Virtual size: 59KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 80B