JaffaCakes118_45461576f7e1089a86c44e1967345540

General

Target

JaffaCakes118_45461576f7e1089a86c44e1967345540
Size

118KB
MD5

45461576f7e1089a86c44e1967345540
SHA1

8168dc84395454c002bdc678f661d1e1885cbdad
SHA256

1795e546e825a4e780916101474bc02fad1c1ecdace42e3591df3adfb673e9b2
SHA512

be989f1059887f10da8fbc6b34d17afd12ce14c595e526ca2278171c466d23e39c36bf96ac2ab16c6b2ae1e52ed72490faaf18d14416250319c4cbc56e8d6844
SSDEEP

3072:ahRUZlZi/Bilw/5ty7s7lzTK5xlN86/9kcm:a8IJBQsNu5l889

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_45461576f7e1089a86c44e1967345540

Files

JaffaCakes118_45461576f7e1089a86c44e1967345540
.exe windows:4 windows x86 arch:x86

aed6e51d3515fa3fa4ef33b10c862ea4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPrivateProfileSectionW
VirtualProtect
GetStdHandle
WriteConsoleW
DeleteFileA
GetProcessHeap
WriteConsoleW
GetCommandLineA
GetStartupInfoA
HeapDestroy
ResumeThread
SetEvent
GetDriveTypeW
CopyFileA
lstrlenW
WriteConsoleW
Sleep
lstrcpyA
VirtualQueryEx
GetFileAttributesW
GetModuleHandleA

mmcndmgr

DllRegisterServer
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

cryptui

LocalEnroll
WizardFree
DllUnregisterServer
DllRegisterServer
CryptUIWizBuildCTL
CryptUIWizExport
CryptUIWizImport
LocalEnrollNoDS
CryptUIStartCertMgr
LocalEnroll
WizardFree
CryptUIDlgViewContext
CryptUIWizDigitalSign

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.expimp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aed6e51d3515fa3fa4ef33b10c862ea4

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 257B

.expimp Size: 512B - Virtual size: 80B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 257B

.expimp
Size: 512B - Virtual size: 80B