3cac362e11dea6c384fb3c7207b4dc1b_JaffaCakes118

General

Target

3cac362e11dea6c384fb3c7207b4dc1b_JaffaCakes118
Size

180KB
MD5

3cac362e11dea6c384fb3c7207b4dc1b
SHA1

914923be77820ddfa235067702d75c660692df06
SHA256

ca3f3585a53ca422b121ef0d30aad2691b53668045d503e0b7a84a2ea559719f
SHA512

23d374ed7eec45a9902629949512c6231df9a8451eb3032854350fa87f6266c24b5c4588304cd4b72dc215dcbd0a9a8f633cb375afdb8bdd3eaab70106f7b631
SSDEEP

3072:fnp6tES3IKwTz+YCKxEsX2cv7x9yo0qolEjKvFT7izc095WiEtfU2+gs0:fnp6Kc0v+YCKR2Qyo0qGEjKvFOHCbl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cac362e11dea6c384fb3c7207b4dc1b_JaffaCakes118

Files

3cac362e11dea6c384fb3c7207b4dc1b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3d6ffd9de8421358d1e41ba7cfd2b425

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegSetValueExA
RegCreateKeyExA

ole32

CoInitialize
CoCreateInstance
CoCreateGuid

shell32

SHGetSpecialFolderPathA

shlwapi

SHEnumKeyExA
SHGetValueA
SHSetValueA
StrStrIA
SHEnumValueA

user32

wsprintfA

rpcrt4

UuidToStringA

msvcrt

printf
strlen
isspace
atoi
memcpy
strncpy
rand
wcscpy
mbstowcs
sprintf
srand
time
wctomb
__mb_cur_max
isalpha
islower
isalnum
malloc
fwrite
free
fclose
fopen
memcmp
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memset
tolower
strcpy
strcat
isupper
ispunct
isgraph
strerror
??2@YAPAXI@Z
isxdigit

imagehlp

ImageNtHeader

kernel32

lstrlenA
GetModuleHandleA
GetFileAttributesExA
SetFileTime
GetLastError
CreateFileA
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
GetStartupInfoA

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3d6ffd9de8421358d1e41ba7cfd2b425

Headers

File Characteristics

Imports

advapi32

ole32

shell32

shlwapi

user32

rpcrt4

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 108KB - Virtual size: 106KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 108KB - Virtual size: 106KB