JaffaCakes118_51ce81276e302293b40ea85fde308cda

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_51ce81276e302293b40ea85fde308cda
Size

184KB
MD5

51ce81276e302293b40ea85fde308cda
SHA1

f3239817372cb9e64296f7b994bea72611039110
SHA256

325a55118b9c12f2323b6f952d2d5b7af46c1df5dc61f0f51ba763b00a42f279
SHA512

3684d7fa864d0488b09a3eac0f1ecdc4e88c7d21307cc9d19493247f9e8e3e1c6ed67e4c15321fadb05adb90aaf4853f4e9559ca0d0aa1cbff735a45d79b0124
SSDEEP

3072:oR282m9KOPIj+eL9RDQFFrXsbs1e2KKxuR+4/K/xr8tYs5oGff7GVqUpCs:/vm5B7nru04/oYtYxGff7yO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_51ce81276e302293b40ea85fde308cda

Files

JaffaCakes118_51ce81276e302293b40ea85fde308cda
.exe windows:4 windows x86 arch:x86

1d978d704be9ba95c4c8d282fb78024b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_strrev
_strlwr
_stricmp
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
??1type_info@@UAE@XZ
_ftol
srand
rand
??2@YAPAXI@Z
??3@YAXPAX@Z
strncpy
__CxxFrameHandler
strcmp
memcpy
strlen
memset
strchr
_except_handler3

shlwapi

SHDeleteKeyA

user32

wsprintfA
CharNextA

kernel32

GetModuleHandleA
GetLastError
ExitProcess
CreateDirectoryA
SetEnvironmentVariableA
lstrlenA
lstrcpyA
GetWindowsDirectoryA
GetTempPathA
GetCurrentDirectoryA
MoveFileA
CloseHandle
SetFileTime
GetFileTime
GetSystemDirectoryA
WriteFile
CreateFileA
GetTickCount
GetModuleFileNameA
WaitForSingleObject
lstrcatA
GetFileAttributesA
GetShortPathNameA
SleepEx
ExpandEnvironmentStringsA
OpenEventA
SetUnhandledExceptionFilter
GetCommandLineA
GetCurrentProcess
DeleteFileA
SetFileAttributesA
GetStartupInfoA
Sleep
CreateEventA

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
GetServiceKeyNameA
GetServiceDisplayNameA
ControlService
CreateServiceA
RegSaveKeyA
RegRestoreKeyA
DeleteService
CloseServiceHandle
ChangeServiceConfig2A
RegConnectRegistryA
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
StartServiceA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d978d704be9ba95c4c8d282fb78024b

Headers

File Characteristics

Imports

msvcrt

shlwapi

user32

kernel32

advapi32

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 164KB - Virtual size: 164KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 4KB - Virtual size: 3KB