25a6726284b15e651b0a50e410758fe0_JaffaCakes118

General

Target

25a6726284b15e651b0a50e410758fe0_JaffaCakes118
Size

176KB
MD5

25a6726284b15e651b0a50e410758fe0
SHA1

a5c7a9180eb9f752eda659fb9de588066418aa20
SHA256

17447f44bb59fd47171228ad99915fd6e3c3912bffe45b1e4e029553f9b49a35
SHA512

ad7da428fa564501eab04cb7583e9eb1a8f6762661e0afb62d8c33b128dd5e65bac670848f3752ba05d86bb9c9a637a81b2e3ac83a293a0ebb0e6a6c7f12b6b6
SSDEEP

3072:WJXa985reUxS7FhqwH/xWKTK7p8Y+v8pU55gntpfK:Ya25LS7FhzH/xWjpd46v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25a6726284b15e651b0a50e410758fe0_JaffaCakes118

Files

25a6726284b15e651b0a50e410758fe0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd81b1c296db9cee7eb2556fd3264f72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

user32

wsprintfA

shell32

SHGetSpecialFolderPathA

shlwapi

SHSetValueA
SHEnumKeyExA
SHGetValueA
SHEnumValueA
StrStrIA

advapi32

CryptGenRandom
OpenServiceA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegCloseKey
CryptAcquireContextA
CryptReleaseContext
OpenSCManagerA
DeleteService
CloseServiceHandle
CreateServiceA
StartServiceA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

msvcrt

strcpy
??2@YAPAXI@Z
ispunct
printf
strlen
isalpha
strcat
tolower
strerror
isupper
isalnum
wctomb
__mb_cur_max
isgraph
fwrite
fclose
fopen
strncpy
rand
wcscpy
mbstowcs
sprintf
srand
atoi
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
islower
time
malloc
memcmp
free
isspace
memcpy
memset
isxdigit

imagehlp

ImageNtHeader

kernel32

SleepEx
GetSystemDirectoryA
lstrlenA
SetFileTime
GetFileAttributesExA
GetModuleHandleA
GetLocalTime
GetVersionExA
ExitProcess
FindFirstFileA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
CreateFileA
CloseHandle
GetLastError
GetStartupInfoA
GetFileAttributesA

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cd81b1c296db9cee7eb2556fd3264f72

Headers

File Characteristics

Imports

rpcrt4

user32

shell32

shlwapi

advapi32

ole32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 104KB - Virtual size: 102KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 104KB - Virtual size: 102KB