JaffaCakes118_04c63d816cfd0024e18df5dfbc214e5f | Triage

Sharing

General

Target

JaffaCakes118_04c63d816cfd0024e18df5dfbc214e5f
Size

109KB
MD5

04c63d816cfd0024e18df5dfbc214e5f
SHA1

634d8bef5dfaae21250c9eeff52ac3c1eeab5541
SHA256

45f86520323341ba4fdfc4698ed606b0a03efd6494c3a66a1c80e01c57ff379d
SHA512

98828ec38a28f3c36670da3f2b83b0d09518611e7019f427cfc77f169d86fdab4b1041d2edefce2060518b9cceea2708d244e6dd5028a426073d621ca2b6df03
SSDEEP

3072:ner/VH6RIFi1wiL1uDpRT+Hk68qoxILfzHchwhD:mVaR11L1uDXSE6doqjT1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_04c63d816cfd0024e18df5dfbc214e5f

Files

JaffaCakes118_04c63d816cfd0024e18df5dfbc214e5f
.exe windows:4 windows x86 arch:x86

3566888d7ddbd8bc694dea250db19461

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
VirtualAlloc
FindAtomW
DeleteFileW
GetCommandLineA
ReadFile
GetModuleHandleA
RemoveDirectoryA
SetEndOfFile
CreateFileA
SuspendThread
GetFileAttributesA
SetFileAttributesW
SetLastError
GetCurrentDirectoryA
HeapSize
GetVersion
GetFileSize
IsBadReadPtr
WaitForSingleObject
CloseHandle
ExitProcess
EnterCriticalSection
SetLastError
Sleep

cryptui

CryptUIDlgFreeCAContext
CryptUIDlgFreeCAContext
DllRegisterServer
CryptUIWizDigitalSign
LocalEnrollNoDS
CryptUIDlgSelectStoreA
CryptUIWizBuildCTL
CryptUIDlgViewContext
CryptUIDlgFreeCAContext
CryptUIWizImport
LocalEnroll
CryptUIWizExport
DllUnregisterServer

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ