d5b4859b43486da5c8c211f521e53452_JaffaCakes118

General

Target

d5b4859b43486da5c8c211f521e53452_JaffaCakes118
Size

176KB
MD5

d5b4859b43486da5c8c211f521e53452
SHA1

b5740fc516ea0cf34d3363dacc2f2b12b1337c36
SHA256

9bbcbd7e9a472f57d8349ee8888d7d1b1b475d7a8b956738449cd923e9ba632c
SHA512

1b890e4225860589f732e27b5c6638f220a803e1dfee879758ad7d2e91bb2a9907d266c608d7237d25c360ff6d29f768e8764fc04b338cdf5e99e2972774b7ea
SSDEEP

3072:JmjrmjQoTOT0r7pdPGCXnEl+ImVXPj+tR6JbFn5WSjU3KfIk+6vjrOiB4/j9H3IR:AjijQoTt5de2ImXPabSN5xPE6vHB4XfU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5b4859b43486da5c8c211f521e53452_JaffaCakes118

Files

d5b4859b43486da5c8c211f521e53452_JaffaCakes118
.exe windows:4 windows x86 arch:x86

15b7bf7614642eeb39f655a47f08c7dc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

user32

wsprintfA

advapi32

OpenServiceA
RegCreateKeyExA
RegSetValueExA
OpenSCManagerA
RegCloseKey
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CloseServiceHandle
CreateServiceA
StartServiceA
DeleteService

shlwapi

SHEnumKeyExA
SHEnumValueA
StrStrIA
SHSetValueA
SHGetValueA

ole32

CoCreateInstance
CoInitialize
CoCreateGuid

msvcrt

sprintf
srand
time
atoi
strlen
tolower
mbstowcs
isxdigit
strcat
strcpy
wctomb
malloc
__mb_cur_max
free
memcmp
fclose
fwrite
fopen
ispunct
isalnum
isupper
isspace
isgraph
islower
printf
isalpha
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
wcscpy
rand
strncpy
??2@YAPAXI@Z
memset
memcpy
strerror

imagehlp

ImageNtHeader

kernel32

GetModuleHandleA
GetFileAttributesExA
SetFileTime
lstrlenA
GetLastError
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CreateFileA
CloseHandle
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetStartupInfoA
WideCharToMultiByte

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

15b7bf7614642eeb39f655a47f08c7dc

Headers

File Characteristics

Imports

rpcrt4

shell32

user32

advapi32

shlwapi

ole32

msvcrt

imagehlp

kernel32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 108KB - Virtual size: 106KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 108KB - Virtual size: 106KB