e0f63d107a2dff78bad4db72f7b1e1be_JaffaCakes118

General

Target

e0f63d107a2dff78bad4db72f7b1e1be_JaffaCakes118
Size

17KB
MD5

e0f63d107a2dff78bad4db72f7b1e1be
SHA1

61010d6fc93a6c59e870bafc41a23ba4986b7908
SHA256

f463e28ac1526b4b6eeade2a77ce24df2e79f9dd683cae421e102419b7fe56b9
SHA512

dc797623a0154e4da24572f223054477ea696c67613ffc89dce665caec8d26e4f2922528a0baa3ccfcb2784cdc0b2712b5178bfcfe91407c11b1e16cf8abe9e2
SSDEEP

384:65h2I9Ux3wgngwVdA00Udx10bweWSZS86cdjn1YO6:i9Ux1g4eLZSc11Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0f63d107a2dff78bad4db72f7b1e1be_JaffaCakes118

Files

e0f63d107a2dff78bad4db72f7b1e1be_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a6cf4c1763347865b9244acaefdb7364

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetTempPathA
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
DeleteFileA
ExpandEnvironmentStringsA
FindNextFileA
Sleep
SetCurrentDirectoryA
lstrcpynA
GetTickCount
ExitProcess
CreateThread
GetLastError
CreateFileMappingA
SetErrorMode
GetTempFileNameA
GetVolumeInformationA
CreateProcessA
GetFileAttributesA
lstrcpyA
lstrcatA
GetProcAddress
LoadLibraryA
FindFirstFileA
lstrlenA
GetModuleHandleA
GetStartupInfoA

advapi32

OpenServiceA
CloseServiceHandle
ChangeServiceConfigA
ControlService
DeleteService
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
OpenSCManagerA

msvcrt

atoi
strstr
malloc
_except_handler3
fclose
ftell
fseek
fopen
fwrite
fputs
fread
memset
strlen
abs
strcat
rand
strcpy
strrchr
strcmp
strtok
printf
srand
__p___argv
__p___argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
sprintf
toupper
_strdup
_strcmpi

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a6cf4c1763347865b9244acaefdb7364

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 27KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 27KB