19c4a4c42fc0f4a3db5744ee648cff6b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19c4a4c42fc0f4a3db5744ee648cff6b_JaffaCakes118
Size

49KB
MD5

19c4a4c42fc0f4a3db5744ee648cff6b
SHA1

81f7bdfc28a3ab87e53c039bcda5d4decfa52245
SHA256

cc62332386785ca841de724190fb149727538cf5f75734abba41cdfcc21b13bf
SHA512

f204b4eafe227533869ea7d9138e7cda02236ab8224bd6f0fea16ed119bfc484d2a2221a838079f59c4b5d666b5136b973fe86313492c5470d76db85a81ccc64
SSDEEP

1536:OfacPecUr0BcG2uBoe0PwSq4fch65KZcN:PceX3q49pN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c4a4c42fc0f4a3db5744ee648cff6b_JaffaCakes118

Files

19c4a4c42fc0f4a3db5744ee648cff6b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

282764cd6be8ec96556a16169dcb4111

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
GetTempPathA
DeleteFileA
GetLastError
GetWindowsDirectoryA
MoveFileA
Sleep
GetSystemDirectoryA
CreateProcessA
CloseHandle
GetCommandLineA

advapi32

OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
DeleteService

msvcrt

strrchr
_strlwr
strcpy
fclose
fwrite
fopen
strlen
memset
sprintf
strcat
_stricmp
time
_snprintf

shlwapi

SHSetValueA

setupapi

SetupIterateCabinetA

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 992B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ