3e3642943af05ef6c784a4a18a9f7df0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3e3642943af05ef6c784a4a18a9f7df0_JaffaCakes118
Size

184KB
MD5

3e3642943af05ef6c784a4a18a9f7df0
SHA1

d6704532cf870cfd919f19ac2aed9e5cbcc9446b
SHA256

0223a5f49c03b6b084e4effbd310f1abab6f599a8d25c1e1e7cbf2a820719e8f
SHA512

540c87c3e17162e40d6b647863f77305625a5c6611c6946250824973260fde1b2ffc3f73abf3db928b748e5c7a9b215054f5b4d6724229b3f568ca6003e0aa3d
SSDEEP

3072:5++5/NY2ZMU4zFiab3eXG8GFYA68v4byaN2ZUQ384AfiNFPYfU/iCvYMw:NFY4Mjb+FO84AqNFPY+2M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3e3642943af05ef6c784a4a18a9f7df0_JaffaCakes118

Files

3e3642943af05ef6c784a4a18a9f7df0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b5bacc78926dca4f88926ee63557085

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA

msvcrt

_strrev
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_ftol
srand
rand
??2@YAPAXI@Z
??3@YAXPAX@Z
strncpy
__CxxFrameHandler
strcmp
memcpy
strlen
memset
strchr
_except_handler3
_stricmp

user32

wsprintfA
CharNextA

kernel32

GetModuleHandleA
GetLastError
ExitProcess
CreateDirectoryA
SetEnvironmentVariableA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
GetTempPathA
GetCurrentDirectoryA
MoveFileA
CloseHandle
SetFileTime
GetFileTime
GetSystemDirectoryA
WriteFile
CreateFileA
GetTickCount
GetModuleFileNameA
WaitForSingleObject
lstrcatA
GetFileAttributesA
GetShortPathNameA
SleepEx
ExpandEnvironmentStringsA
OpenEventA
SetUnhandledExceptionFilter
GetCommandLineA
GetCurrentProcess
DeleteFileA
SetFileAttributesA
GetStartupInfoA
Sleep
CreateEventA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetServiceKeyNameA
GetServiceDisplayNameA
ControlService
CreateServiceA
RegSaveKeyA
RegRestoreKeyA
DeleteService
CloseServiceHandle
ChangeServiceConfig2A
RegConnectRegistryA
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
StartServiceA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b5bacc78926dca4f88926ee63557085

Headers

File Characteristics

Imports

shlwapi

msvcrt

user32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 164KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 3KB