5506e3010ef652759bd7d8695dd8b5df_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5506e3010ef652759bd7d8695dd8b5df_JaffaCakes118
Size

452KB
MD5

5506e3010ef652759bd7d8695dd8b5df
SHA1

58228afd0c6120c7ab41df3a583996df1c51f684
SHA256

a3419de9b214ece6359161c10d4411a2a2358dd8feebb7b5d5113e18e55a1bef
SHA512

e1cd8e7632cd20f4faad9b7c8ef8f0cfe275cdbecd53d84ae4516bbd9cd444bd364a237df1d9fa3014d6dee5bb42c31934c9f3debd092b6498eb926d42e453bb
SSDEEP

12288:HumSn+v3lk3nVtcWK+exxio4NQ6X6bhHkDoeXom/f91lxIEw:HwC32Va0oz/NHknXhT/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5506e3010ef652759bd7d8695dd8b5df_JaffaCakes118

Files

5506e3010ef652759bd7d8695dd8b5df_JaffaCakes118
.exe windows:5 windows x86 arch:x86

405c5f662ea9cbccce841466570d12dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetDriveTypeW
GetCommandLineA
AddAtomA
GetModuleFileNameA
CreateSemaphoreW
IsBadWritePtr
RemoveDirectoryA
FindAtomA
FindClose
HeapCreate
RemoveDirectoryA
WriteFile
WaitForMultipleObjects
CloseHandle
SetVolumeLabelA
GetProcessHeap
ExitThread
CreateDirectoryA
GetFileType
SetEndOfFile
DeleteAtom
HeapFree
ClearCommBreak
CreatePipe

cryptui

WizardFree
CryptUIWizExport
DllRegisterServer
CryptUIWizBuildCTL
WizardFree
CryptUIDlgViewContext
LocalEnroll
LocalEnrollNoDS
CryptUIDlgFreeCAContext
DllUnregisterServer
CryptUIStartCertMgr
CryptUIWizDigitalSign
CryptUIWizImport

msrle32

DriverProc
DriverProc
DriverProc
DriverProc

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE