f54cf33decc9da33335c52fd6f2c7017_JaffaCakes118

General

Target

f54cf33decc9da33335c52fd6f2c7017_JaffaCakes118
Size

180KB
MD5

f54cf33decc9da33335c52fd6f2c7017
SHA1

34162907780b923ebd36dba5e94e3ba13f9577a7
SHA256

2ca43138880da5a64d704af72d71cad9dcabd0906f661076454953c46beffbc3
SHA512

e4443f1e3608d802c828195f4611c47b9193700268b1a2317319ace41f80048fe821cb4bf10591a975b8d8b507899ee5750c72011d1f21fcad7723df9d38fe2b
SSDEEP

3072:bmwFyLwRDAhD4VngIWBm6a8fcxWJtTlWzbd4KVBz6g1odjKudz:bmygD4CBy8fcxklgbeoBz6iS2i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f54cf33decc9da33335c52fd6f2c7017_JaffaCakes118

Files

f54cf33decc9da33335c52fd6f2c7017_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f4afdc1187e9d875c24cb69f4c365ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

shlwapi

SHGetValueA
SHSetValueA
StrStrIA
SHEnumValueA
SHEnumKeyExA

ole32

CoInitialize
CoCreateInstance
CoCreateGuid

rpcrt4

UuidToStringA

user32

wsprintfA

advapi32

CreateServiceA
CryptGenRandom
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenSCManagerA
DeleteService
OpenServiceA
StartServiceA
CryptAcquireContextA
CloseServiceHandle
CryptReleaseContext

msvcrt

wctomb
__mb_cur_max
islower
atoi
strerror
strncpy
isalnum
wcscpy
mbstowcs
sprintf
srand
time
printf
isxdigit
strcat
strcpy
memcmp
tolower
isspace
ispunct
isupper
fclose
fwrite
fopen
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strlen
??2@YAPAXI@Z
isalpha
isgraph
free
malloc
memset
memcpy
rand

imagehlp

ImageNtHeader

kernel32

GetFileAttributesExA
GetLastError
lstrlenA
WideCharToMultiByte
FindNextFileA
GetPrivateProfileStringA
GetFileAttributesA
FindFirstFileA
GetModuleHandleA
CreateFileA
CloseHandle
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetStartupInfoA
SetFileTime

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f4afdc1187e9d875c24cb69f4c365ef

Headers

File Characteristics

Imports

shell32

shlwapi

ole32

rpcrt4

user32

advapi32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 108KB - Virtual size: 106KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 108KB - Virtual size: 106KB