c14aaedd6e06b157f0dcf3c1983ae66f_JaffaCakes118

General

Target

c14aaedd6e06b157f0dcf3c1983ae66f_JaffaCakes118
Size

57KB
MD5

c14aaedd6e06b157f0dcf3c1983ae66f
SHA1

1bf14647452fc6ac8d7728c046f4033deb5ff128
SHA256

20b777881ec28321e839040b70966ee6647a5f138e8043add247f8c8677c3b49
SHA512

7139dab85c824cb520f856f90958457b5ef066a34f987abb864afb3eb7538fa920ed3760722a8cc2f68b001cc5c351d656faf060750d559c4d9d7ce531f27e3a
SSDEEP

1536:wdKbv3/OaEO/1n9JMcU0/KDcKOY/h4icMF6DDM:Hv3/j/13F/KDFh4jMF6D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c14aaedd6e06b157f0dcf3c1983ae66f_JaffaCakes118

Files

c14aaedd6e06b157f0dcf3c1983ae66f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d6a14b34dd31fd3259d4f758f883930

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__CxxFrameHandler
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
strncat
srand
rand
_CxxThrowException

kernel32

GetStartupInfoA
GetModuleHandleA
GetCurrentThreadId
GetModuleFileNameA
lstrcmpiA
SetLastError
GetFileAttributesA
Sleep
CreateFileA
FindResourceA
lstrcpynA
LoadResource
GetTickCount
SetFileTime
WriteFile
SizeofResource
lstrcatA
FindFirstFileA
GetLastError
FindClose
MoveFileA
CloseHandle
SetErrorMode
DeleteFileA
lstrcpyA
lstrlenA
GetTempPathA

user32

wsprintfA
PostThreadMessageA
GetInputState
GetMessageA

advapi32

QueryServiceStatus
RegOpenKeyExA
ChangeServiceConfigA
StartServiceA
RegCreateKeyA
CreateServiceA
RegQueryValueExA
RegSetValueExA
CloseServiceHandle
OpenServiceA
OpenSCManagerA
ControlService
RegCloseKey

shell32

SHGetFolderPathA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d6a14b34dd31fd3259d4f758f883930

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

advapi32

shell32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 364B

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 364B

.rsrc
Size: 48KB - Virtual size: 47KB