f9666b3f817a5328023335a9d46e86c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9666b3f817a5328023335a9d46e86c9_JaffaCakes118
Size

12KB
MD5

f9666b3f817a5328023335a9d46e86c9
SHA1

b539a7b45c514178b2a9435cf3884d99cedfb60f
SHA256

ba30a9bf4c9ddd8cb15696c90e9471c2bf57500b6c83cd4d58789e4d9bcc5249
SHA512

b48ffe8e93159f92b501770b7ca88cd5c1d4308a2e1346ed068522f60e863cb4de65d6d8ff3773c79cb69eb5599d0f580d489e804f1fbb7e40a32df7f6f10a52
SSDEEP

192:bZkoBQoDWSXB2LwTrKaDumgza/Ra9qZ5fEYjVWlH9ozpi9RF+u:6oBQoNX8LhaDumgMMgZ5fxjsno

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9666b3f817a5328023335a9d46e86c9_JaffaCakes118

Files

f9666b3f817a5328023335a9d46e86c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8ad7659536f96616b4b10bc044ee106

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
SizeofResource
CreateFileA
LoadResource
FindResourceA
GetTickCount
CloseHandle
Sleep
GetSystemDirectoryA
GetLastError
SetLastError
OutputDebugStringA
lstrlenA
FreeResource
MoveFileA
SetFileAttributesA
DeleteFileA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
GetTempPathA
ResumeThread

user32

wsprintfA

advapi32

CreateServiceA
RegCreateKeyA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
ControlService
OpenSCManagerA
OpenServiceA
ChangeServiceConfigA
StartServiceA
CloseServiceHandle
QueryServiceStatus
DeleteService
RegOpenKeyA

msvcrt

_CxxThrowException
??1type_info@@UAE@XZ
sprintf
__CxxFrameHandler
_except_handler3
??3@YAXPAX@Z

Sections

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ