JaffaCakes118_64180e4d138579bfa3251d341d7ac310

General

Target

JaffaCakes118_64180e4d138579bfa3251d341d7ac310
Size

120KB
MD5

64180e4d138579bfa3251d341d7ac310
SHA1

19da5b2e0a161d0a4c1e2af80af3e48828ebb224
SHA256

e18d1836b907343cf4d217d3d700ba603e5ca85c53de61ce15962de640096364
SHA512

d236abf7e1e113e3fab744ba09b9b9c0bc531f098eceb7187729f73382a55631d8c511883e316e97276ca2a79c575954e13ff0ff79f6ae664fd3e6de9f040ea7
SSDEEP

3072:nCYI4vbKS8JhyN9CueoN4/6a/Qly9wd4oTSNOE:nCYZvbKS8JWDW6Xg9wd4oT+h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_64180e4d138579bfa3251d341d7ac310

Files

JaffaCakes118_64180e4d138579bfa3251d341d7ac310
.exe windows:4 windows x86 arch:x86

fff2a8d0a8967c0a26f8b6890f5625bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ResumeThread
lstrlenW
CopyFileA
lstrcpyA
VirtualProtect
GetCurrentDirectoryA
WriteConsoleW
GetStdHandle
GetPriorityClass
GetModuleHandleA
WriteConsoleW
HeapDestroy
GetCommandLineA
GetFileAttributesW
SetEvent
GetStartupInfoA
CreatePipe
DisconnectNamedPipe
DeleteFileA
GetProcessHeap
WriteConsoleW

mmcndmgr

DllCanUnloadNow
DllRegisterServer
DllRegisterServer
DllGetClassObject

cryptui

WizardFree
CryptUIWizExport
CryptUIWizDigitalSign
LocalEnroll
CryptUIWizImport
CryptUIWizBuildCTL
CryptUIDlgViewContext
DllRegisterServer
WizardFree
LocalEnroll
DllUnregisterServer
CryptUIWizBuildCTL
CryptUIStartCertMgr

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 177B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fff2a8d0a8967c0a26f8b6890f5625bd

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 3KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.rdata Size: 512B - Virtual size: 264B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 177B

.impdata Size: 512B - Virtual size: 257B

.text
Size: 3KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB

.rdata
Size: 512B - Virtual size: 264B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 177B

.impdata
Size: 512B - Virtual size: 257B