a12090d3b07298095b9e772e7cf7f115_JaffaCakes118

General

Target

a12090d3b07298095b9e772e7cf7f115_JaffaCakes118
Size

11KB
MD5

a12090d3b07298095b9e772e7cf7f115
SHA1

d62cc759820fea1481875833f32b0df22b1a2bb0
SHA256

26758adfa2cbd6507f14a3d8d0ac4b4695144827494c6802bb273ed300b585a2
SHA512

7897ea96f5576d1ed999cba37c0bd8d1a08793457e2b798bae763d7ed5dde17c594c2dc7b1ff109e027779c2a43f59a65feba686439323aad1a8b95909bd4905
SSDEEP

192:jnBZuHrMCzAQQmciW4qZsOoJaRTd7nQmspUoyns+6Xhd:jQrMsd+i8xQmsuu+6X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a12090d3b07298095b9e772e7cf7f115_JaffaCakes118

Files

a12090d3b07298095b9e772e7cf7f115_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1a3808867afe329df9bf69c31895a50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
strncat
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
toupper
fopen
fprintf
fclose
sprintf
_ftol
ceil
exit
strncpy
_beginthread
strstr
srand
rand
_snprintf
_vsnprintf

kernel32

GetStartupInfoA
GetVersionExA
CreateFileA
WriteFile
CloseHandle
MoveFileExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
SetFileAttributesA
QueryPerformanceFrequency
GetTempPathA
LocalAlloc
GetLastError
CreateMutexA
WaitForSingleObject
WinExec
GetComputerNameA
GetLocaleInfoA
GetTickCount
Sleep
ReleaseMutex
SetErrorMode
ExitProcess
QueryPerformanceCounter

user32

FindWindowA

advapi32

RegisterServiceCtrlHandlerA
QueryServiceConfigA
ChangeServiceConfigA
SetServiceStatus
OpenSCManagerA
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
OpenServiceA
StartServiceA
StartServiceCtrlDispatcherA
DeleteService

shell32

ShellExecuteA

wininet

InternetGetConnectedState

ws2_32

send
closesocket
connect
htons
socket
recv
WSACleanup
WSAStartup
gethostbyname
inet_addr

urlmon

URLDownloadToFileA

Sections

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b1a3808867afe329df9bf69c31895a50

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

wininet

ws2_32

urlmon

Sections

.data Size: 10KB - Virtual size: 10KB

.data
Size: 10KB - Virtual size: 10KB