JaffaCakes118_639e6f00fa935af1c994d02d1c475ea0

General

Target

JaffaCakes118_639e6f00fa935af1c994d02d1c475ea0
Size

117KB
MD5

639e6f00fa935af1c994d02d1c475ea0
SHA1

ecb8fbd23800d081635a2aedf46216ad2de863b2
SHA256

452eb1467c3c406311209c822cb3f6f5c0164d2c62ab68b1c9b89f79a943eb1d
SHA512

af540aa18a02485535ae19a1c147dcee12a276d420c60e87f76abbd13bad90279273da207a07a08b4f92c558fc6f420fe226406ef3b8545ac1055f1fc1b1e0dd
SSDEEP

3072:t9G8vQ6xbmYiI41sOwcqs/kgXN58X8QU9:t88b1iI41sOwcqscgXP8MP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_639e6f00fa935af1c994d02d1c475ea0

Files

JaffaCakes118_639e6f00fa935af1c994d02d1c475ea0
.exe windows:4 windows x86 arch:x86

ef216792f04524e70b775f597b02d75d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CopyFileA
GetCommandLineA
VirtualQueryEx
GetStdHandle
WriteConsoleW
DeleteFileA
lstrlenW
lstrcpyA
GetProcessHeap
WriteConsoleW
VirtualProtect
GetPrivateProfileSectionW
Sleep
SetEvent
GetStartupInfoA
WriteConsoleW
GetFileAttributesA
HeapDestroy
GetDriveTypeW
GetModuleHandleA
CancelIo

mmcndmgr

DllRegisterServer
DllGetClassObject
DllCanUnloadNow
DllRegisterServer

cryptui

LocalEnroll
WizardFree
LocalEnrollNoDS
CryptUIWizExport
CryptUIWizImport
DllUnregisterServer
CryptUIStartCertMgr
LocalEnroll
DllRegisterServer
WizardFree
CryptUIWizBuildCTL
CryptUIDlgViewContext
CryptUIWizDigitalSign

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef216792f04524e70b775f597b02d75d

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 96B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 96B