2a1ee6ed6e145663b60dcdabc6d20a94_JaffaCakes118

General

Target

2a1ee6ed6e145663b60dcdabc6d20a94_JaffaCakes118
Size

54KB
MD5

2a1ee6ed6e145663b60dcdabc6d20a94
SHA1

2a6da2d6a0aeb366faf2829c15c393a6bba96f16
SHA256

e7f418b8dfd804545db31d35d95d72271f9082767751566bfbc4baf36a1b2ff9
SHA512

c2f9354db0e06dd55c2eed762d84b211b19c6645eb2a679d83aa251832fb31e1df2ce2a8a84ce96788b5c11a72f4392633a3904ba90b858992948d10fade5be6
SSDEEP

768:dhaS3WBTzzUdEvCSb4MajQ1Y3DUAhQ48nXt4aNelZmn5wTWarhGPV5KmNz:S2WhzyEvCe4MKQ289Hku5wSWsP7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a1ee6ed6e145663b60dcdabc6d20a94_JaffaCakes118

Files

2a1ee6ed6e145663b60dcdabc6d20a94_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fea956312be2109cf84e7cc7d0f4487

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetEndOfFile
SuspendThread
SetFileAttributesW
IsBadReadPtr
EnterCriticalSection
ExitProcess
GetEnvironmentVariableA
GetModuleHandleA
GetVersion
GetCurrentDirectoryA
CreateFileA
GetStdHandle
HeapSize
SetLastError
FindAtomW
GetFileAttributesA
SetLastError
DeleteAtom
VirtualAlloc
WaitForSingleObject
GetFileSize
ReadFile
DeleteFileA
GetCommandLineA

cryptui

WizardFree
CryptUIStartCertMgr
CryptUIWizImport
LocalEnroll
WizardFree
DllRegisterServer
CryptUIWizDigitalSign
CryptUIWizBuildCTL
LocalEnrollNoDS
CryptUIDlgFreeCAContext
CryptUIWizExport
CryptUIDlgViewContext
DllUnregisterServer

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 47KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sjdcjnm
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8fea956312be2109cf84e7cc7d0f4487

Headers

File Characteristics

Imports

kernel32

cryptui

winrnr

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 10B

.rsrc Size: 47KB - Virtual size: 75KB

sjdcjnm Size: - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 10B

.rsrc
Size: 47KB - Virtual size: 75KB

sjdcjnm
Size: - Virtual size: 4KB