056538ad11d2b0b700816ff3978379ab_JaffaCakes118

General

Target

056538ad11d2b0b700816ff3978379ab_JaffaCakes118
Size

184KB
MD5

056538ad11d2b0b700816ff3978379ab
SHA1

a852552388c79bb4e95237518378355ef3996175
SHA256

3527b9d04171ae00d0e906d5a613b3c4aba1b4d07f9c254436eb19260374aee2
SHA512

79775abf52e74d3f26402d7d447650c1862fa8898478a1feb6f0d620656a953f65527a2608794277ded575bbff313df4e7091dbc9c0d57f02956f67a44ca2fae
SSDEEP

3072:44aGRbhG81v/Mle8SjNnaNcz0Zd497InEnQuOh72+WMDNEjyTAqOyk:44JbhG4/MYayIXFEQq4FLOyk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
056538ad11d2b0b700816ff3978379ab_JaffaCakes118

Files

056538ad11d2b0b700816ff3978379ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

10f8edcfdeb4b9e0cdb1af16821e1ce4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

user32

wsprintfA

shlwapi

SHSetValueA
SHGetValueA
SHEnumKeyExA
SHEnumValueA
StrStrIA

advapi32

OpenServiceA
CryptGenRandom
OpenSCManagerA
DeleteService
CryptReleaseContext
StartServiceA
CreateServiceA
CloseServiceHandle
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CryptAcquireContextA

rpcrt4

UuidToStringA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

msvcrt

time
atoi
strlen
malloc
strerror
fwrite
srand
fclose
fopen
strcat
strcpy
isupper
memcmp
isspace
ispunct
isgraph
??2@YAPAXI@Z
tolower
wctomb
__mb_cur_max
isalpha
printf
isalnum
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sprintf
islower
mbstowcs
wcscpy
rand
strncpy
memcpy
memset
isxdigit
free

imagehlp

ImageNtHeader

kernel32

GetPrivateProfileStringA
GetFileAttributesA
FindFirstFileA
lstrlenA
GetLastError
GetModuleHandleA
FindNextFileA
WideCharToMultiByte
GetFileAttributesExA
CreateFileA
CloseHandle
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetStartupInfoA
SetFileTime

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

10f8edcfdeb4b9e0cdb1af16821e1ce4

Headers

File Characteristics

Imports

shell32

user32

shlwapi

advapi32

rpcrt4

ole32

msvcrt

imagehlp

kernel32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 108KB - Virtual size: 106KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 108KB - Virtual size: 106KB