Static task: static1
Behavioral task: behavioral1
Sample: f4353fe63d16aa233171137bf92b70c7_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f4353fe63d16aa233171137bf92b70c7_JaffaCakes118.exe
Resource: win10v2004-20240412-en
General
Target: f4353fe63d16aa233171137bf92b70c7_JaffaCakes118
Size: 154KB
MD5: f4353fe63d16aa233171137bf92b70c7
SHA1: d7e6e948c9c5f04fa8a0a74fb7cbc7e5bf198f27
SHA256: 2a33cebc1d5fa49685f6788ee64e3299144e156c627ee811cd062f98e97f266d
SHA512: cb245731943057fe7b53a59900a10d3f919b07f01158c0fb414bef702e8b1bebebdcba249d886b8899547438a17c4f6f06cd88f48ebcef5797d5e926a0c58e5b
SSDEEP: 3072:qo8tLIOfDauD03sGrXlT1JCZGknLiQ1rmJGrFk8fgJecPR1c/EYi23wirVsnh:qo8+O7at8GblT/CAMrHnWHAEcrOh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f4353fe63d16aa233171137bf92b70c7_JaffaCakes118
Files
f4353fe63d16aa233171137bf92b70c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
ad275baa0c9d4c53075f21182c5cc1ff
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CloseServiceHandle
CreateServiceA
OpenSCManagerA
RegCloseKey
RegConnectRegistryA
RegCreateKeyA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
StartServiceA
kernel32
CloseHandle
CopyFileA
CreateFileA
CreateMutexA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCurrentDirectoryA
GetDriveTypeA
GetEnvironmentVariableA
GetModuleFileNameA
GetSystemDirectoryA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
OpenMutexA
ReadFile
SetCurrentDirectoryA
SetFileAttributesA
SetFilePointer
Sleep
WinExec
WriteFile
lstrcatA
lstrlenA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 994B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE