eb242d3380ed944e78a571ea9d4dad54_JaffaCakes118

General

Target

eb242d3380ed944e78a571ea9d4dad54_JaffaCakes118
Size

180KB
MD5

eb242d3380ed944e78a571ea9d4dad54
SHA1

d4c7b75372bc3db9fac16bfb5132d6a1a4c9d71a
SHA256

7950f9c6a0c45d28113c80da8b7d4f755d6304b62ee0db11414ef93a3084646e
SHA512

a690216cd2181ca70c4c156309960eb47f58e6c770dd29641fadcb7d45c39392b3cece4b9b96b7661ae5b52d2c9bf4506fa2bb4ac3655afaac2f9353b2a41e00
SSDEEP

3072:2qmdTSgbAGUlvFKK1GgHg16Eu6R3kJPlIBfF5PjOR:2qdG+lvFKK1vsNuQkJPMFk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eb242d3380ed944e78a571ea9d4dad54_JaffaCakes118

Files

eb242d3380ed944e78a571ea9d4dad54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aedcb8548bc1ead2e886d83d0c5ce789

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

advapi32

RegSetValueExA
DeleteService
RegCreateKeyExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
OpenSCManagerA

shlwapi

SHGetValueA
SHSetValueA
StrStrIA
SHEnumValueA
SHEnumKeyExA

user32

wsprintfA

msvcrt

strerror
printf
strlen
memcmp
isgraph
memcpy
rand
free
fclose
fwrite
fopen
sprintf
isxdigit
??2@YAPAXI@Z
isspace
isupper
isalnum
strncpy
wcscpy
mbstowcs
srand
time
atoi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__mb_cur_max
malloc
wctomb
tolower
ispunct
strcpy
strcat
islower
isalpha
memset

imagehlp

ImageNtHeader

kernel32

lstrlenA
ExitProcess
GetVersionExA
GetLocalTime
SleepEx
GetModuleHandleA
GetLastError
GetSystemDirectoryA
GetFileAttributesExA
SetFileTime
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
GetStartupInfoA
CreateFileA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

aedcb8548bc1ead2e886d83d0c5ce789

Headers

File Characteristics

Imports

rpcrt4

shell32

ole32

advapi32

shlwapi

user32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 108KB - Virtual size: 104KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 108KB - Virtual size: 104KB