457816f79c68b2467ad002b0a5689df1_JaffaCakes118

General

Target

457816f79c68b2467ad002b0a5689df1_JaffaCakes118
Size

176KB
MD5

457816f79c68b2467ad002b0a5689df1
SHA1

a2ecb9daad7b252707f05317414daac2091b95bc
SHA256

0195d2f9e3785a50ea20cba35eb9093e7370ec1ab5c3668381ea962c036582ef
SHA512

0f964fc556224b2b8873c7bc79b8f0afb997a06ec6af46b7a2b24477f18e38d00bd0b145f115cff03ded24156c32f8eaf952e7c58fc4e7245e7963a5cab1b643
SSDEEP

3072:JPyCJ1vWXk5wHAscqXJETPKQ/nGxuQ+8MlRDu+CgePTsXs4KARSvkLV:JtQw41cqXibv9Qy3u+CrPIHt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
457816f79c68b2467ad002b0a5689df1_JaffaCakes118

Files

457816f79c68b2467ad002b0a5689df1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

381a5d5d0a2f23b4792eeb344bd3c952

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
RegOpenKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

shlwapi

SHSetValueA
SHEnumKeyExA
SHGetValueA
SHEnumValueA
StrStrIA

user32

wsprintfA

ole32

CoInitialize
CoCreateGuid
CoCreateInstance

msvcrt

strcpy
memset
isalnum
??2@YAPAXI@Z
isxdigit
isspace
ispunct
rand
isalpha
memcmp
wctomb
__mb_cur_max
printf
isgraph
strcat
isupper
strerror
time
atoi
strncpy
wcscpy
mbstowcs
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
sprintf
strlen
tolower
fopen
memcpy
malloc
fclose
free
fwrite
islower

imagehlp

ImageNtHeader

kernel32

SleepEx
GetLocalTime
GetVersionExA
GetModuleHandleA
GetFileAttributesExA
SetFileTime
CreateFileA
GetLastError
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
CloseHandle
WideCharToMultiByte
lstrlenA
GetSystemDirectoryA
GetStartupInfoA
ExitProcess

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

381a5d5d0a2f23b4792eeb344bd3c952

Headers

File Characteristics

Imports

advapi32

rpcrt4

shell32

shlwapi

user32

ole32

msvcrt

imagehlp

kernel32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 104KB - Virtual size: 101KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 104KB - Virtual size: 101KB