JaffaCakes118_69c679ad52d0b8283048827ba52c5c60

General

Target

JaffaCakes118_69c679ad52d0b8283048827ba52c5c60
Size

117KB
MD5

69c679ad52d0b8283048827ba52c5c60
SHA1

ccb83246a93f7c429d5cb3e0d3d7a265818d344d
SHA256

e5f4f8fa60e6d5f3d1a786306ce8b8ea25e8cdb02c6dcc55a5c72dd23de3399e
SHA512

562bfa71e738170c84ab296812737e68232ff9e35ab2258a95af25a1d7bd698eb9870e379f9ea0510d80930cea68f58a6b13fbfc89b81f9f626895025e627a74
SSDEEP

3072:0kq0rPWn0w6VpRFm2g/9orUBX31SRE8e:Kd0w6Vdm2g/9hFg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_69c679ad52d0b8283048827ba52c5c60

Files

JaffaCakes118_69c679ad52d0b8283048827ba52c5c60
.exe windows:4 windows x86 arch:x86

cc00ac083201d3a7cdd361336edcaa4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
WriteConsoleW
GetDriveTypeW
GetProcessHeap
GetModuleHandleA
SetEvent
VirtualQueryEx
GetStartupInfoA
GetFileAttributesA
lstrlenW
DeleteFileA
GetStdHandle
HeapDestroy
GetPrivateProfileSectionW
VirtualProtect
GetCommandLineA
WriteConsoleW
lstrcpyA
CopyFileA
CancelIo
WriteConsoleW

mmcndmgr

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

cryptui

LocalEnrollNoDS
DllRegisterServer
WizardFree
WizardFree
DllUnregisterServer
CryptUIWizBuildCTL
CryptUIWizDigitalSign
CryptUIDlgViewContext
CryptUIWizExport
CryptUIWizImport
LocalEnroll
CryptUIStartCertMgr
LocalEnroll

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.impexp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc00ac083201d3a7cdd361336edcaa4f

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 1KB - Virtual size: 1KB

.data Size: 3KB - Virtual size: 16KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 110KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 257B

.impexp Size: 512B - Virtual size: 80B

.text
Size: 1KB - Virtual size: 1KB

.data
Size: 3KB - Virtual size: 16KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 110KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 257B

.impexp
Size: 512B - Virtual size: 80B