15ca9e5a820cefd05ce28cba7b842937_JaffaCakes118

General

Target

15ca9e5a820cefd05ce28cba7b842937_JaffaCakes118
Size

127KB
MD5

15ca9e5a820cefd05ce28cba7b842937
SHA1

49cf459d7b2f16a0ddb360b6a2a294e319ace4fe
SHA256

31a5ca5e4e880d0a1f37eb7cba5ce4a0cd374c3f22bc7a6be8bf957fe72ecb9b
SHA512

733d3e894ee5af7e51bfdb17fca8a07a883fa099801298987d8d6148eead8f2ea701087206b4c52276d49b65eccdb7bf460efe6cbc1215b38cb6c2b2c3949ae8
SSDEEP

3072:KcESYPiFmF40HlbhyOwuHfi+56DSxRwMT+gg5ggCT6odKP0VLIP:UZPiFsVlbqU6+1PMCT67MVLo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15ca9e5a820cefd05ce28cba7b842937_JaffaCakes118

Files

15ca9e5a820cefd05ce28cba7b842937_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c690994a8f1979ee080b86a787c1175f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
??1type_info@@UAE@XZ
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
strstr
__CxxFrameHandler
time
srand
rand
??3@YAXPAX@Z
??2@YAPAXI@Z
_except_handler3
malloc
realloc

kernel32

GetStartupInfoA
GetModuleHandleA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
HeapAlloc
GetProcessHeap
Process32Next
ExitProcess
CloseHandle
GetCurrentProcess
lstrlenA
WriteFile
GlobalFree
GlobalAlloc
SetFileTime
LocalFileTimeToFileTime
SetUnhandledExceptionFilter
GetLastError
Sleep
lstrcatA
DeleteFileA
lstrcpyA

advapi32

OpenServiceA
OpenSCManagerA
RegOpenKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegSetKeySecurity
RegCloseKey
FreeSid

user32

IsCharAlphaNumericA

shell32

SHGetSpecialFolderPathA

dbghelp

MakeSureDirectoryPathExists

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c690994a8f1979ee080b86a787c1175f

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

shell32

dbghelp

Sections

.text Size: 10KB - Virtual size: 10KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 108KB - Virtual size: 108KB

.text
Size: 10KB - Virtual size: 10KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 108KB - Virtual size: 108KB