Static task: static1
Behavioral task: behavioral1
Sample: 212783e283ae3b58664797ac4b47b67d_JaffaCakes118.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 212783e283ae3b58664797ac4b47b67d_JaffaCakes118.exe
Resource: win10v2004-20240611-en
General
Target: 212783e283ae3b58664797ac4b47b67d_JaffaCakes118
Size: 9KB
MD5: 212783e283ae3b58664797ac4b47b67d
SHA1: 3bc38e1c942695ce6e066771ff8a33aa6ce2892d
SHA256: 4935d36371a6b95535e104786eea7a13b1f7d0fff64fed5c04c870e9791af3a8
SHA512: 404cfd1d998a039b701096e73dca7dd4ba5d862ea402ca2daedd340a75e79dc92a85ab718cfcad998d3747e8e23dca14cae261fd40695a42eb899b1830be1fd5
SSDEEP: 192:WukomMh/5SlU3fi+9v6tQmjB6WFA5CIynHh35RwLW2m+u8yDDKs:bkomMh/5MU3fpit78WFA5ARqlHu8y6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 212783e283ae3b58664797ac4b47b67d_JaffaCakes118
Files
212783e283ae3b58664797ac4b47b67d_JaffaCakes118.exe windows:4 windows x86 arch:x86
51352db409b02aa91ca3c05709a31217
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
CopyFileA
MoveFileExA
DeleteFileA
CreateDirectoryA
GetWindowsDirectoryA
CreateThread
CreateMutexA
GetCommandLineA
Sleep
LoadLibraryA
GetVersionExA
GetProcAddress
FreeLibrary
GetTempPathA
CreateFileA
GetFileSize
SetFilePointer
WriteFile
CloseHandle
GetModuleFileNameA
WideCharToMultiByte
user32
MessageBoxA
advapi32
ChangeServiceConfigA
StartServiceCtrlDispatcherA
CreateServiceA
CloseServiceHandle
QueryServiceStatus
ControlService
ChangeServiceConfig2A
OpenSCManagerA
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
ws2_32
htons
socket
recv
setsockopt
connect
gethostbyname
gethostname
WSAStartup
send
closesocket
inet_ntoa
WSAGetLastError
Sections
EnVon Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ