125f9f72e6adca2010ebdcccd46fb374_JaffaCakes118

General

Target

125f9f72e6adca2010ebdcccd46fb374_JaffaCakes118
Size

10KB
MD5

125f9f72e6adca2010ebdcccd46fb374
SHA1

8bdf24176a4ef87551d39d4e04d8f4fe79dcf12e
SHA256

a5c54de483c642c34dd2f66dba18fe168079b5b6f798e2fbd296518821f12e14
SHA512

73d42397e4d0cb83bd95b249b900e0a38aeaa49105d4ded975a8e11739ddc107e4f292cab27ed95a619ed26b2d81dff72824af0906e70ad04623774e4d8d8c30
SSDEEP

192:az2lNzmJ5UG7gmFUoVO6TDwmRiAYGzoNXsvRyJQPajju4V:jNxGk8hDwmRijlXsvRU8ajZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
125f9f72e6adca2010ebdcccd46fb374_JaffaCakes118

Files

125f9f72e6adca2010ebdcccd46fb374_JaffaCakes118
.dll windows:4 windows x86 arch:x86

be5adf7750c48609d9d6f8bcf802e135

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

wininet

InternetCloseHandle
InternetReadFile
InternetSetOptionA
InternetConnectA
HttpOpenRequestA
HttpSendRequestA
HttpQueryInfoA
HttpEndRequestA

advapi32

RegSetValueExA
OpenServiceA
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
SetServiceStatus
RegCreateKeyA
CloseServiceHandle

msvcrt

??1type_info@@UAE@XZ
free
_initterm
malloc
_adjust_fdiv
??2@YAPAXI@Z
??3@YAXPAX@Z
_stricmp
fclose
fwrite
atoi
_beginthreadex
_CxxThrowException
__CxxFrameHandler
strchr
strncat
strncpy
wcstombs
_except_handler3
fopen

kernel32

LoadLibraryA
CloseHandle
SetFileTime
SystemTimeToFileTime
CreateFileA
SetEvent
OpenEventA
FreeLibrary
GetProcAddress
WaitForSingleObject
GetWindowsDirectoryA
GetPrivateProfileStringA
CreateEventA
GetTempPathA
GetSystemDirectoryA
CreateProcessA
DeleteFileA
SetLastError
GetModuleFileNameA
GetLastError
FreeConsole
Sleep

Exports

Exports

InstallService
RundllInstallA
RundllUninstallA
ServiceMain
UninstallService

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

be5adf7750c48609d9d6f8bcf802e135

Headers

File Characteristics

Imports

wininet

advapi32

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 2KB

.reloc Size: 1024B - Virtual size: 648B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 648B