9548e5ed4fbacd0ed4a9d6a27f5d8fec_JaffaCakes118

General

Target

9548e5ed4fbacd0ed4a9d6a27f5d8fec_JaffaCakes118
Size

13KB
MD5

9548e5ed4fbacd0ed4a9d6a27f5d8fec
SHA1

5164b139bcd62926be5ebc40605b1c0569909ead
SHA256

8f0a426fc1b7885a2785c5442d12b9387e84a8ee75daae0234d78b513c7b5c8c
SHA512

7feb1c00db9063011ec5704de7dc0ca7a69c04fcc00619c594fbefd99a869beccb7792a7d4bb9a6df28e686bbf74f73984d0bb938a1577742be31495e84d5d96
SSDEEP

384:34PEZurcNILgbqs0HVi7vH1dloQZT137dI:HZnKLgt0HEvH1d9ZR37y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9548e5ed4fbacd0ed4a9d6a27f5d8fec_JaffaCakes118

Files

9548e5ed4fbacd0ed4a9d6a27f5d8fec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e4481e19143a13b14a0fc3fb43f913a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
lstrlenA
GetLongPathNameA
OutputDebugStringA
GetCurrentDirectoryA
CreatePipe
GetStartupInfoA
CreateProcessA
CloseHandle
ReadFile
CreateThread
GetSystemTime
WaitForSingleObject
TerminateThread
Sleep
SetLastError
GetModuleFileNameA

advapi32

OpenServiceA
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus

ws2_32

inet_addr
WSASocketA
closesocket
connect
ioctlsocket
send
select
__WSAFDIsSet
recv
shutdown
WSAStartup
gethostname
WSACleanup
htons

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
InternetReadFile

msvcrt

_chdir
_strnicmp
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_except_handler3
_CxxThrowException
_stricmp
__CxxFrameHandler
strchr
atol
fopen
fwrite
fflush
fclose
??3@YAXPAX@Z
??2@YAPAXI@Z
_itoa
memset
wcstombs
strncpy
strcat
strcpy
atoi
strlen
sscanf
strncat
strstr

Exports

Exports

InstallService
ServiceMain
UninstallService
installA
uninstallA

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4481e19143a13b14a0fc3fb43f913a0

Headers

File Characteristics

Imports

kernel32

advapi32

ws2_32

wininet

msvcrt

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 6KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 28KB

.reloc Size: 1024B - Virtual size: 916B

.text
Size: 7KB - Virtual size: 6KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 28KB

.reloc
Size: 1024B - Virtual size: 916B