dd99fe8d7500c1cfd227a708335bf1cc_JaffaCakes118

General

Target

dd99fe8d7500c1cfd227a708335bf1cc_JaffaCakes118
Size

177KB
MD5

dd99fe8d7500c1cfd227a708335bf1cc
SHA1

17b2f4d4edeebe68403be39a8e1f5e94693691c8
SHA256

168a213e59ddc999432cde3b945be4cf8a5e778fbe7a998a68ccdac8c9508d9d
SHA512

c84031c6ab649489419352c22e758fa641c3a3d3e63ed2658bcc1d7f8c2dfdda2521ded72a8d082c82b41a11fcaf75d507231eb8834d650d2f0e190a9467d4f0
SSDEEP

3072:YlxHExx/fkSSKEMNttlYd+5WSKFTdqxYx5IZO:egxHkNKbtymAIZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd99fe8d7500c1cfd227a708335bf1cc_JaffaCakes118

Files

dd99fe8d7500c1cfd227a708335bf1cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

16f16b83a802e22b41dee6ff5de89e11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

rpcrt4

UuidToStringA

shlwapi

SHEnumValueA
SHEnumKeyExA
SHSetValueA
SHGetValueA
StrStrIA

shell32

SHGetSpecialFolderPathA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

advapi32

CryptAcquireContextA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
OpenSCManagerA
DeleteService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
CryptReleaseContext
CryptGenRandom
RegCloseKey

msvcrt

printf
strlen
ispunct
wctomb
__mb_cur_max
fwrite
strcpy
fopen
isupper
strncpy
rand
wcscpy
mbstowcs
sprintf
srand
isalnum
atoi
tolower
isxdigit
strerror
islower
??2@YAPAXI@Z
isspace
isalpha
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strcat
isgraph
time
malloc
memcmp
free
memset
memcpy
fclose

imagehlp

ImageNtHeader

kernel32

GetLocalTime
SleepEx
GetSystemDirectoryA
CreateFileA
SetFileTime
GetFileAttributesExA
GetLastError
lstrlenA
GetModuleHandleA
ExitProcess
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
GetStartupInfoA
GetVersionExA

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

16f16b83a802e22b41dee6ff5de89e11

Headers

File Characteristics

Imports

user32

rpcrt4

shlwapi

shell32

ole32

advapi32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 18KB - Virtual size: 18KB

.data Size: 109KB - Virtual size: 109KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 18KB - Virtual size: 18KB

.data
Size: 109KB - Virtual size: 109KB