826f8893377d95003ef7230b9388c92d_JaffaCakes118

General

Target

826f8893377d95003ef7230b9388c92d_JaffaCakes118
Size

53KB
MD5

826f8893377d95003ef7230b9388c92d
SHA1

ebace8732f154a623a93a86689074eb158a3ea0b
SHA256

48dffb4b723ce259e9387f8dacb4bf86e611fc4138d6a8d0bcddb4e275d513fd
SHA512

a9102952e31bb5c7b4bbc20831cb982c758ee67af6c04e995871a9540283da8faab082b8d72be4061f391ce9c4b4b06921afeae5130afc6c606f586ce054b2c1
SSDEEP

768:Nvy/TBbt6tIZC6ynRKnkCBo6vneZc1uEYJg+H4ydpllDehdTRZt6H48VSANqbVZ:xy/+IZCXRYMBc/odlQrfy4EqbVZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
826f8893377d95003ef7230b9388c92d_JaffaCakes118

Files

826f8893377d95003ef7230b9388c92d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ef726923131c09b4fa5603dff82f25b5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetLastError
GetCurrentProcess
LoadLibraryA
WinExec
DeleteFileA
SetFileAttributesA
ExitProcess
GetTickCount
GetTempPathA
LoadResource
GetModuleFileNameA
CopyFileA
lstrcmpiA
GlobalMemoryStatus
SizeofResource
FreeResource
VirtualAlloc
GetModuleHandleA
GetLocaleInfoW
GetComputerNameA
lstrlenA
GlobalMemoryStatusEx
CreateProcessA
Sleep
GetSystemDirectoryA
lstrcatA
GetProcAddress
lstrcpyA
WaitForSingleObject
GetStartupInfoA

advapi32

RegSetValueExA
CreateServiceA
StartServiceA
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

ws2_32

select
__WSAFDIsSet
htonl
recv
WSAStartup
send
sendto
inet_addr
gethostbyname
socket
htons
connect
closesocket

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
realloc
malloc
rand
sprintf
strstr
??2@YAPAXI@Z
fread
ftell
fseek
fclose
fopen
atoi
strncpy
strcspn
_except_handler3
_exit
_XcptFilter

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef726923131c09b4fa5603dff82f25b5

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

msvcrt

Sections

.text Size: 28KB - Virtual size: 27KB

.rsrc Size: 24KB - Virtual size: 23KB

.text
Size: 28KB - Virtual size: 27KB

.rsrc
Size: 24KB - Virtual size: 23KB