0a20c7c9f71d87637d5f6b0956ae4d41_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a20c7c9f71d87637d5f6b0956ae4d41_JaffaCakes118
Size

747KB
MD5

0a20c7c9f71d87637d5f6b0956ae4d41
SHA1

2b8d5d80ca68252993afb2aa09a6a4d3bbcad992
SHA256

cd6ee857086759cbea1d04e2c557d862ff1dc10916e7d1198e9f2ee8d0b2f419
SHA512

b8cc42ec98750ae5e1190ebb86391683c7b58eee81ba7b7c281952955545f5a8822b9dbb140a1d0b748d96efb45fe01244e6f7f7f649cef23a9bd4d25c7e6c9f
SSDEEP

12288:i6quc7JqjaYRrNBzJhTHjCCKcbdKlMdkQ9GzPuYQmOg2Cd6a4jh:lqX9qOYhnrrGCtb8HQMzPuY0C0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a20c7c9f71d87637d5f6b0956ae4d41_JaffaCakes118

Files

0a20c7c9f71d87637d5f6b0956ae4d41_JaffaCakes118
.exe windows:5 windows x86 arch:x86

10746f7d3fd70f0e25531c2423265999

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
GetCommandLineA
WriteFile
IsBadWritePtr
GetModuleFileNameA
GetModuleHandleA
Beep
GetDriveTypeW
HeapCreate
ClearCommBreak
CreateDirectoryA
GetCurrentThreadId
CreateSemaphoreA
CloseHandle
RemoveDirectoryA
FatalExit
RemoveDirectoryA
lstrlenW
GetCurrentDirectoryW
GetFileType
HeapFree
DeleteAtom
CreatePipe
WaitForMultipleObjects
AddAtomA

cryptui

CryptUIStartCertMgr
CryptUIDlgViewContext
LocalEnrollNoDS
CryptUIWizDigitalSign
CryptUIWizExport
WizardFree
CryptUIWizBuildCTL
LocalEnroll
CryptUIWizImport
DllUnregisterServer
DllRegisterServer
WizardFree
CryptUIDlgFreeCAContext

iyuv_32

AboutDialogProc
AboutDialogProc
AboutDialogProc
AboutDialogProc

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE