ea6c402ee015aa6825670a2f1d831c02_JaffaCakes118

General

Target

ea6c402ee015aa6825670a2f1d831c02_JaffaCakes118
Size

184KB
MD5

ea6c402ee015aa6825670a2f1d831c02
SHA1

fe06b2a024d820b9377828d03491af59a91e1180
SHA256

350e717a2744d09fdf01b7357605607e7d33a0f5de9b7a1aa15a55e46ac6d92b
SHA512

0760641e25b72394de1ed2ec78727de4ee0e8c3a404548e2706d5844bb90b6d9f2e028e915c8e2dbfb1d04289b09e0fe9579d0dbc6afb814dda49133e3d9c2e6
SSDEEP

3072:MgQDtm+s+s/KxRjxFeLLw2CPGI3s+c+x7t4ceX/X62+U0ief1kTNM:lQDtm+s+s/KrtFeLLw2CPHx7tL125uM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6c402ee015aa6825670a2f1d831c02_JaffaCakes118

Files

ea6c402ee015aa6825670a2f1d831c02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

98fc5c94b2d827379d8f462802686720

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathA

rpcrt4

UuidToStringA

user32

wsprintfA

ole32

CoCreateGuid
CoInitialize
CoCreateInstance

advapi32

RegCreateKeyExA
OpenServiceA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
StartServiceA
RegSetValueExA
OpenSCManagerA
DeleteService
RegCloseKey
RegOpenKeyExA
CloseServiceHandle
CreateServiceA

shlwapi

SHGetValueA
SHEnumKeyExA
SHSetValueA
StrStrIA
SHEnumValueA

msvcrt

fwrite
fclose
fopen
tolower
wctomb
__mb_cur_max
isxdigit
??2@YAPAXI@Z
strerror
ispunct
printf
strlen
isspace
isalnum
islower
sprintf
memcmp
time
rand
atoi
strncpy
wcscpy
mbstowcs
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
isgraph
strcpy
strcat
isalpha
memset
memcpy
free
malloc
isupper

imagehlp

ImageNtHeader

kernel32

ExitProcess
GetVersionExA
GetLocalTime
SleepEx
GetModuleHandleA
GetFileAttributesExA
SetFileTime
lstrlenA
GetSystemDirectoryA
GetLastError
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
GetStartupInfoA
CreateFileA

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

98fc5c94b2d827379d8f462802686720

Headers

File Characteristics

Imports

shell32

rpcrt4

user32

ole32

advapi32

shlwapi

msvcrt

imagehlp

kernel32

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 104KB - Virtual size: 103KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 104KB - Virtual size: 103KB