13406aa9fb4f551ac747e34987c613ff_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13406aa9fb4f551ac747e34987c613ff_JaffaCakes118
Size

23KB
MD5

13406aa9fb4f551ac747e34987c613ff
SHA1

746df9d61c5ff6d6b6344e32714b18367e26e62b
SHA256

b9b83f3986fdbd0c06a49e83b520da3e7caa41c398a891a852b8c4a4c5d9c432
SHA512

cdc5a2a47184554723e9510f83f1119839cceacbf0d7243d5d740598966166629c9b6f81c9255c1a406127207a68c34b8314a1466586fa384615a5e7419676b7
SSDEEP

384:wBpdG7VnnyBBfXdoQtH+mC6VNwUKLmt++Ns:wrdG7FnyBB/VemHVNwfs+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13406aa9fb4f551ac747e34987c613ff_JaffaCakes118

Files

13406aa9fb4f551ac747e34987c613ff_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1c8862c6215eaff031e6d99cacdbe06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetCurrentDirectoryA
VirtualAlloc
Sleep
ReadFile
CloseHandle
FindAtomW
GetFileSize
GetEnvironmentVariableA
SetEndOfFile
HeapSize
WaitForSingleObject
GetVersion
ExitProcess
RemoveDirectoryA
CreateFileA
SetFileAttributesW
EnterCriticalSection
SetLastError
GetModuleHandleA
GetFileAttributesA
SetLastError
SuspendThread
DeleteFileW
GetCommandLineA

cryptui

CryptUIWizExport
CryptUIDlgFreeCAContext
LocalEnrollNoDS
DllUnregisterServer
CryptUIDlgSelectStoreA
CryptUIWizBuildCTL
CryptUIDlgFreeCAContext
LocalEnroll
CryptUIDlgViewContext
CryptUIWizImport
CryptUIDlgFreeCAContext
DllRegisterServer
CryptUIWizDigitalSign

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ