1b494123f3ccd2fabb77800165ed13b6_JaffaCakes118

General

Target

1b494123f3ccd2fabb77800165ed13b6_JaffaCakes118
Size

176KB
MD5

1b494123f3ccd2fabb77800165ed13b6
SHA1

681a0ef280b85adc22590a22d91ad314e7849a45
SHA256

409484feb768122599d440b56a09ca5087599b55dcd9e2c74ff3ce3fb9464beb
SHA512

48a0d9fd59310b3de13ffc7e3f3dfc97e4b96a1cfdd9bb9bac72a85c9149efcd7b4a9cbe7078b39e7431e9a1a5c0f31da65a7350ac78af0d88b5a6b22e7e695f
SSDEEP

3072:GgWXI3jmF586OF5yNU0PTCc6CpA7ktfV5E1B8c/SND4Hk:GRI3jM586Yyq4tNA7Wt5E1B8FOH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b494123f3ccd2fabb77800165ed13b6_JaffaCakes118

Files

1b494123f3ccd2fabb77800165ed13b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46281df9fa145334e952a56a13b9ab94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

advapi32

RegCreateKeyExA
RegSetValueExA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
RegCloseKey
RegOpenKeyExA

shell32

SHGetSpecialFolderPathA

user32

wsprintfA

shlwapi

StrStrIA
SHSetValueA
SHEnumKeyExA
SHEnumValueA
SHGetValueA

msvcrt

isalpha
isxdigit
strcat
strcpy
free
memcmp
tolower
time
printf
ispunct
isspace
islower
rand
isalnum
strncpy
wcscpy
mbstowcs
srand
atoi
isupper
isgraph
wctomb
__mb_cur_max
strerror
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sprintf
strlen
fopen
fwrite
fclose
memset
memcpy
malloc
??2@YAPAXI@Z

imagehlp

ImageNtHeader

kernel32

GetVersionExA
GetLocalTime
SleepEx
GetModuleHandleA
ExitProcess
GetFileAttributesExA
SetFileTime
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
lstrlenA
GetSystemDirectoryA
CreateFileA
CloseHandle
GetLastError
GetStartupInfoA
WideCharToMultiByte

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46281df9fa145334e952a56a13b9ab94

Headers

File Characteristics

Imports

rpcrt4

ole32

advapi32

shell32

user32

shlwapi

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 104KB - Virtual size: 101KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 104KB - Virtual size: 101KB