9912c6c572cafe2045308fbd4f70ffe3_JaffaCakes118 | Triage

Resubmissions

25-11-2024 09:39

241125-lmp22swpdk 6

25-11-2024 03:59

241125-ekgvbstjdq 10

Sharing

General

Target

9912c6c572cafe2045308fbd4f70ffe3_JaffaCakes118
Size

108KB
MD5

9912c6c572cafe2045308fbd4f70ffe3
SHA1

5487240f8386900836e21b02ad507d5f167a1e75
SHA256

bd9f8dda1d2681bc4c7362c07ffebbb48789927dc12d61d0ef4cc09c1111d16e
SHA512

d5e14c3c509dcc6b910c56fcd0c12d10c7359b6533d783d1c81f8c7a64246be41175f3c932b71375478a73d9d920501ab0d33df26db62213b71118696c3bae52
SSDEEP

3072:RpcSwyrMj0ZyStWL4W5lKtFZmbWAm4k20lF:RYyQAyStz4CmbWAm4q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9912c6c572cafe2045308fbd4f70ffe3_JaffaCakes118

Files

9912c6c572cafe2045308fbd4f70ffe3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b935688bcf582030fa437a5a6f96719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteAtom
SetLastError
EnterCriticalSection
GetModuleHandleA
HeapSize
GetFileAttributesA
GetFileSize
CreateFileA
GetStdHandle
SetLastError
IsBadReadPtr
WaitForSingleObject
GetCurrentDirectoryA
FindAtomW
SetEndOfFile
SetFileAttributesW
GetCommandLineA
GetVersion
SuspendThread
ExitProcess
ReadFile
GetEnvironmentVariableA
VirtualAlloc
DeleteFileA
CloseHandle

cryptui

CryptUIWizExport
DllRegisterServer
CryptUIWizDigitalSign
LocalEnrollNoDS
CryptUIDlgFreeCAContext
LocalEnroll
WizardFree
CryptUIStartCertMgr
CryptUIWizBuildCTL
WizardFree
DllUnregisterServer
CryptUIDlgViewContext
CryptUIWizImport

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ