dc301a243305015571dc3ec0ddb783a6_JaffaCakes118

General

Target

dc301a243305015571dc3ec0ddb783a6_JaffaCakes118
Size

176KB
MD5

dc301a243305015571dc3ec0ddb783a6
SHA1

2aadd4d333dbfd7cccc52c48eed10820c4224cc8
SHA256

6998d8db3063d6435fd9046f5243c57e786d4b1b98f344ce54606bf0c9c5e0b6
SHA512

58b045cb762a48f76757d29026e18905639a492853498ffb23045acbadebd81c94f90082ca38c1c3ab764500e15b02ab340ce308ebe14646660e0aa087eb26b9
SSDEEP

3072:uNfmIlm6jTtmO8jwXrzTfG0Knda0haUuAXNzbH589FzH:uN+mmmTtmV8Xrz7Gdkuzub

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc301a243305015571dc3ec0ddb783a6_JaffaCakes118

Files

dc301a243305015571dc3ec0ddb783a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5032847cbca8b4168fbd08c8b859fc9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

advapi32

DeleteService
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
OpenSCManagerA

shlwapi

StrStrIA
SHSetValueA
SHEnumValueA
SHGetValueA
SHEnumKeyExA

user32

wsprintfA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

imagehlp

ImageNtHeader

kernel32

GetLastError
GetFileAttributesExA
SetFileTime
CreateFileA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
FindFirstFileA
GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryA
lstrlenA
WideCharToMultiByte
CloseHandle
FindNextFileA
GetPrivateProfileStringA
GetFileAttributesA

msvcrt

exit
_acmdln
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_initterm
fclose
fwrite
fopen
isupper
strlen
sprintf
isxdigit
strcat
strcpy
malloc
free
memcpy
memset
strerror
isspace
tolower
isgraph
printf
islower
ispunct
wctomb
__mb_cur_max
??2@YAPAXI@Z
isalnum
isalpha
atoi
strncpy
rand
wcscpy
mbstowcs
srand
time
memcmp
_exit
_XcptFilter

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5032847cbca8b4168fbd08c8b859fc9f

Headers

File Characteristics

Imports

rpcrt4

advapi32

shlwapi

user32

shell32

ole32

imagehlp

kernel32

msvcrt

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 104KB - Virtual size: 102KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 104KB - Virtual size: 102KB