0df0550b9aff0f3d76295643b14e6e2f_JaffaCakes118 | Triage

Sharing

General

Target

0df0550b9aff0f3d76295643b14e6e2f_JaffaCakes118
Size

773KB
MD5

0df0550b9aff0f3d76295643b14e6e2f
SHA1

42379e1586c426c6fad05276f872d0c65b0896a9
SHA256

bb2856cb37f56657bb00b97cbb65d8dc30ffb96a19cc44b2861087b2acc3b786
SHA512

a3f27094393cda06e5ba05fface5f582c4492c664dcc751a39c2e69a8675a7083f7f971e3707fcca139110469a0e662d0ab213afc825f4dec37b78427fdb5a10
SSDEEP

12288:vAoDQwlaoMjqKAbpUM5SLKXiL/TU9ueiy56/u6NhgHx+665str+Qh+pXJPkz:45aMgb5KTUubuogU5sYQ6Z8z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0df0550b9aff0f3d76295643b14e6e2f_JaffaCakes118

Files

0df0550b9aff0f3d76295643b14e6e2f_JaffaCakes118
.exe windows:5 windows x86 arch:x86

be5939f32712e0181803a3fcdbd83137

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
DeleteAtom
WaitForMultipleObjects
HeapCreate
FindAtomA
GetModuleFileNameA
RemoveDirectoryA
IsBadWritePtr
GetModuleHandleA
ClearCommBreak
SetVolumeLabelA
FatalExit
GetCommandLineA
FindClose
HeapFree
CloseHandle
RemoveDirectoryA
CreatePipe
GetCurrentThreadId
GetCurrentDirectoryW
GetFileType
WriteFile
CreateSemaphoreA
CreateDirectoryA
AddAtomA

cryptui

LocalEnrollNoDS
CryptUIDlgViewContext
CryptUIStartCertMgr
DllUnregisterServer
CryptUIDlgFreeCAContext
WizardFree
CryptUIWizBuildCTL
CryptUIWizImport
CryptUIWizExport
WizardFree
LocalEnroll
DllRegisterServer
CryptUIWizDigitalSign

iyuv_32

AboutDialogProc
AboutDialogProc
AboutDialogProc
AboutDialogProc

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 766KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE