60386931e61263eb45e0e0c42197aaf7_JaffaCakes118

General

Target

60386931e61263eb45e0e0c42197aaf7_JaffaCakes118
Size

296KB
MD5

60386931e61263eb45e0e0c42197aaf7
SHA1

e8861d33e47bb4a4045a3a45d4cf750df07d6281
SHA256

b44019ab7d4d46203935d04fc2e4755e85c696322e465fa1bb44e3cde928f907
SHA512

f0327fcbd1138fc593e52adad7ac6e31cbe8c82c08a7962a73da65d05b91408db75b093b007ceabdd445a2755e6371f0f47afab0ed9a25d4f10eda665a05b6f5
SSDEEP

6144:tQ6efvfn8wo4QARMQ6efvfn8wo4QARivUySrbJn:tovkb4QARMovkb4QARCS5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60386931e61263eb45e0e0c42197aaf7_JaffaCakes118

Files

60386931e61263eb45e0e0c42197aaf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1532cc1c145aaa09e168164a99e75bff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoCreateGuid
CoInitialize
CoCreateInstance

advapi32

CryptReleaseContext
OpenSCManagerA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
DeleteService
CryptGenRandom
CryptAcquireContextA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA

user32

wsprintfA

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

shlwapi

SHEnumKeyExA
StrStrIA
SHEnumValueA
SHSetValueA
SHGetValueA

msvcrt

strlen
sprintf
strerror
isalpha
??2@YAPAXI@Z
tolower
wctomb
time
islower
isspace
ispunct
isupper
isxdigit
printf
isalnum
strcat
strcpy
isgraph
isdigit
atoi
strncpy
rand
wcscpy
mbstowcs
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memcmp
fopen
malloc
fclose
free
fwrite
memset
memcpy
__mb_cur_max

imagehlp

ImageNtHeader

kernel32

GetModuleHandleA
GetStartupInfoA
GetFileAttributesExA
SetFileTime
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
CreateFileA
GetLastError
FindFirstFileA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
lstrlenA
GetSystemDirectoryA
GetFileAttributesA

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1532cc1c145aaa09e168164a99e75bff

Headers

File Characteristics

Imports

ole32

advapi32

user32

rpcrt4

shell32

shlwapi

msvcrt

imagehlp

kernel32

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 108KB - Virtual size: 107KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 108KB - Virtual size: 107KB