JaffaCakes118_7c1c369ed1388e96789cabf1ddc333b0

General

Target

JaffaCakes118_7c1c369ed1388e96789cabf1ddc333b0
Size

118KB
MD5

7c1c369ed1388e96789cabf1ddc333b0
SHA1

27a23fe75816f957615fe4a03a3acac34153647b
SHA256

c0451b37d7a8cc852a8bced0d2ff3e6b93858f7d89630c5885e462fd4d3a9d7b
SHA512

ec8929471e6f82cf9dbddb7ea87ff538449e788c69cbcb165b7b6163bb91d3549c3cc9353577233e291b1b56d98288fe388f5b5596fb5baa2a5799d2168c94d0
SSDEEP

1536:Juk4z8aAbLnIyCajwyHhrFixeqE38kshKOPd1l6czF3oNCqGqo6Fodbhi9pMXJSC:JdhgFE6hXPd/F8C56FIhi9GXJuZs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_7c1c369ed1388e96789cabf1ddc333b0

Files

JaffaCakes118_7c1c369ed1388e96789cabf1ddc333b0
.exe windows:4 windows x86 arch:x86

6005ec7bb8126204e0d1a4586bd24e1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
GetStdHandle
lstrcpyA
lstrlenW
GetProcessHeap
GetStartupInfoA
VirtualQueryEx
GetCommandLineA
WriteConsoleW
GetDriveTypeW
GetModuleHandleA
CopyFileA
GetFileAttributesW
WriteConsoleW
DeleteFileA
HeapDestroy
WriteConsoleW
VirtualProtect
SetEvent
ResumeThread
GetPrivateProfileSectionW

mmcndmgr

DllRegisterServer
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

cryptui

CryptUIWizDigitalSign
CryptUIDlgViewContext
WizardFree
WizardFree
CryptUIStartCertMgr
CryptUIWizBuildCTL
LocalEnroll
DllUnregisterServer
CryptUIWizImport
LocalEnrollNoDS
DllRegisterServer
LocalEnroll
CryptUIWizExport

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 257B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.expimp
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6005ec7bb8126204e0d1a4586bd24e1b

Headers

File Characteristics

Imports

kernel32

mmcndmgr

cryptui

Sections

.text Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 2KB

.rdata Size: 512B - Virtual size: 296B

.rsrc Size: 111KB - Virtual size: 110KB

.rdata Size: 512B - Virtual size: 257B

.expimp Size: 512B - Virtual size: 80B

.text
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 512B - Virtual size: 296B

.rsrc
Size: 111KB - Virtual size: 110KB

.rdata
Size: 512B - Virtual size: 257B

.expimp
Size: 512B - Virtual size: 80B