ef481fa7ecc19b56e07eaf544d8884c2_JaffaCakes118

General

Target

ef481fa7ecc19b56e07eaf544d8884c2_JaffaCakes118
Size

180KB
MD5

ef481fa7ecc19b56e07eaf544d8884c2
SHA1

631958dfb35398d24672dab39763a6a72e501cd3
SHA256

ee84997d43ffe97181d789b9e6ee7608bc2511b1a89bf36f56d079524fb89f41
SHA512

2e2f27cffcc00715e7c018c329902a67a9b05392bd48c1642b1dba45077504427d21693e9d52eeaf344ca172a537978ee6f0a9516d65e923acc696880b6b57ed
SSDEEP

3072:q4I36GosjdFaOpCIA7Cga5gk20hxrVaD+Gn5WZ/uTHjNMzrr7Ayafbt7:q/36GosjdFAImC55tx5aV8Z/u2zr/AdR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef481fa7ecc19b56e07eaf544d8884c2_JaffaCakes118

Files

ef481fa7ecc19b56e07eaf544d8884c2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3ed3c3e0f6eb1ee12e36e7b7811c0192

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

rpcrt4

UuidToStringA

ole32

CoCreateGuid
CoCreateInstance
CoInitialize

shlwapi

SHEnumKeyExA
SHEnumValueA
StrStrIA
SHGetValueA
SHSetValueA

user32

wsprintfA

shell32

SHGetSpecialFolderPathA

msvcrt

wcscpy
mbstowcs
sprintf
srand
atoi
strlen
fclose
fwrite
fopen
wctomb
__mb_cur_max
strcat
strcpy
rand
islower
isxdigit
ispunct
printf
isspace
tolower
isupper
??2@YAPAXI@Z
isalnum
isalpha
strerror
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strncpy
isgraph
time
memset
malloc
memcpy
memcmp
free

imagehlp

ImageNtHeader

kernel32

GetLastError
FindFirstFileA
GetModuleHandleA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
GetFileAttributesExA
SetFileTime
lstrlenA
CreateFileA
CloseHandle
GetSystemDirectoryA
SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetStartupInfoA
GetFileAttributesA

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3ed3c3e0f6eb1ee12e36e7b7811c0192

Headers

File Characteristics

Imports

advapi32

rpcrt4

ole32

shlwapi

user32

shell32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 108KB - Virtual size: 105KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 108KB - Virtual size: 105KB