cdeb041afa6e63bdffc8ecc02a54ba93_JaffaCakes118

General

Target

cdeb041afa6e63bdffc8ecc02a54ba93_JaffaCakes118
Size

184KB
MD5

cdeb041afa6e63bdffc8ecc02a54ba93
SHA1

b722fa8c31aa5569e21e7b243aebe7eb4ba4cf48
SHA256

8d066f40127cb20bb78fbfcf09cb9ac192af9d163c79f600d7bc763a4e864a65
SHA512

3d50607004a7e983f3f2c2aff80b2597579782c4fc6d007439ea47a1ef5cda75ddbdbd19e407e807070a83f5101049d147462ba8530af72cb07077f6ea4e0d4e
SSDEEP

3072:SlxHExF/fkSSKEMNttlYd+5WSKFTdqxYx5IZ:8gFHkNKbtymAIZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cdeb041afa6e63bdffc8ecc02a54ba93_JaffaCakes118

Files

cdeb041afa6e63bdffc8ecc02a54ba93_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16f16b83a802e22b41dee6ff5de89e11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

rpcrt4

UuidToStringA

shlwapi

SHEnumValueA
SHEnumKeyExA
SHSetValueA
SHGetValueA
StrStrIA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

advapi32

CryptAcquireContextA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
OpenSCManagerA
DeleteService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
CryptReleaseContext
CryptGenRandom
RegCloseKey

msvcrt

printf
strlen
ispunct
wctomb
__mb_cur_max
fwrite
strcpy
fopen
isupper
strncpy
rand
wcscpy
mbstowcs
sprintf
srand
isalnum
atoi
tolower
isxdigit
strerror
islower
??2@YAPAXI@Z
isspace
isalpha
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strcat
isgraph
time
malloc
memcmp
free
memset
memcpy
fclose

imagehlp

ImageNtHeader

kernel32

GetLocalTime
SleepEx
GetSystemDirectoryA
CreateFileA
SetFileTime
GetFileAttributesExA
GetLastError
lstrlenA
GetModuleHandleA
ExitProcess
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
GetStartupInfoA
GetVersionExA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16f16b83a802e22b41dee6ff5de89e11

Headers

File Characteristics

Imports

user32

rpcrt4

shlwapi

shell32

ole32

advapi32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 112KB - Virtual size: 109KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 112KB - Virtual size: 109KB