a32319f106878a75a9c83842009a50cc_JaffaCakes118

General

Target

a32319f106878a75a9c83842009a50cc_JaffaCakes118
Size

180KB
MD5

a32319f106878a75a9c83842009a50cc
SHA1

61410103a28aa2b8974ac87e4e43d1ae7315ffc0
SHA256

bac543237f9a58b9a528e1ef4c843b921cf89766761f94497578a2e66ea1037f
SHA512

bd915ed521abed2393dcecb7866c6a5b399c09cc147414df9a13b905d27789aab63e835b106daa1e1122eee0cec11a7452ff14177c31a5df945a36164fb7289b
SSDEEP

3072:jjUDlTv6FaXMJTDaUWe1pDQ2kLYyLLFiwZujcHGwa1HzqAV84+iLEuBQNRGQeJOp:jjUDlTga81aUWe1pDQ2kLYyLLFiw4AmJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a32319f106878a75a9c83842009a50cc_JaffaCakes118

Files

a32319f106878a75a9c83842009a50cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e52b9d04b0b667a555eabbb438ed6fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA

shell32

SHGetSpecialFolderPathA

rpcrt4

UuidToStringA

user32

wsprintfA

shlwapi

SHEnumValueA
StrStrIA
SHSetValueA
SHGetValueA
SHEnumKeyExA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

msvcrt

wcscpy
mbstowcs
sprintf
srand
time
atoi
isspace
strerror
free
memcmp
fwrite
fclose
fopen
rand
isxdigit
isupper
islower
??2@YAPAXI@Z
tolower
strcat
strcpy
isalpha
isgraph
ispunct
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strncpy
memcpy
__mb_cur_max
wctomb
isalnum
memset
strlen
printf
malloc

imagehlp

ImageNtHeader

kernel32

GetLastError
GetModuleHandleA
GetFileAttributesExA
SetFileTime
lstrlenA
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
CreateFileA
CloseHandle
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetStartupInfoA

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1e52b9d04b0b667a555eabbb438ed6fa

Headers

File Characteristics

Imports

advapi32

shell32

rpcrt4

user32

shlwapi

ole32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 108KB - Virtual size: 105KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 108KB - Virtual size: 105KB