02e7aa2c4c4a2270a781128ea9a988c7_JaffaCakes118

General

Target

02e7aa2c4c4a2270a781128ea9a988c7_JaffaCakes118
Size

176KB
MD5

02e7aa2c4c4a2270a781128ea9a988c7
SHA1

7b72bd0fb2ef975c4a4d3a8a2c51ad226cf4b455
SHA256

ede8e90458027e7c8df87afaeb19151e331f38942dafbf67c13982fc3047175e
SHA512

6471facd318f6a880bd2d44d7c3783ebd846e380f5343a471d16d301e262637e9ab253b903c524c662ec05bdf599e55e5d7c4910e980f7962334e34fdd3de1ff
SSDEEP

3072:4MTfcOOhz868Kj4RgujRci8BDHySGuoN+glau5uiEB:4MTbOxrj4OPBDSfnlREiEB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02e7aa2c4c4a2270a781128ea9a988c7_JaffaCakes118

Files

02e7aa2c4c4a2270a781128ea9a988c7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0c67b058a2c80c54ab9800da720219b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

ole32

CoCreateGuid
CoInitialize
CoCreateInstance

advapi32

StartServiceA
CreateServiceA
OpenSCManagerA
DeleteService
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CloseServiceHandle
OpenServiceA

user32

wsprintfA

shlwapi

StrStrIA
SHSetValueA
SHGetValueA
SHEnumKeyExA
SHEnumValueA

rpcrt4

UuidToStringA

msvcrt

srand
time
printf
atoi
strlen
??2@YAPAXI@Z
sprintf
fclose
fwrite
fopen
strcat
strcpy
free
tolower
wctomb
__mb_cur_max
ispunct
isalnum
isalpha
memcmp
strerror
isgraph
isxdigit
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
mbstowcs
wcscpy
rand
strncpy
islower
isspace
malloc
memset
memcpy
isupper

imagehlp

ImageNtHeader

kernel32

GetLastError
GetModuleHandleA
GetFileAttributesExA
SetFileTime
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
lstrlenA
CreateFileA
CloseHandle
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0c67b058a2c80c54ab9800da720219b5

Headers

File Characteristics

Imports

shell32

ole32

advapi32

user32

shlwapi

rpcrt4

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 104KB - Virtual size: 102KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 104KB - Virtual size: 102KB