266b46bf524682b853ad611888a2ced7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

266b46bf524682b853ad611888a2ced7_JaffaCakes118
Size

192KB
MD5

266b46bf524682b853ad611888a2ced7
SHA1

408505060197a4a5820a432b4dd6461c6b8e4a86
SHA256

24fbcc580c2d01a57a0aa1d923ec86afd24c480efa5ed6c5a67ea5a2fa18ae85
SHA512

2ccaec1af3b6b51b38825d61cbe11ee428ad3ccafc58ee9c644ee6b2bf3fd818cf26bc5a9d86e04f2b2945a6346bcd368fc3afbc4b7f00f7f8c2ee8c1188c9a1
SSDEEP

3072:SUyPcq3D38b86VIZU24tr9bd06PJJqrKDZm2p3NDNvZMVxMrznRo/xaSwH621NCS:SzPcqz3S84IO28r9b9JqrKDZzJN5v6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
266b46bf524682b853ad611888a2ced7_JaffaCakes118

Files

266b46bf524682b853ad611888a2ced7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e75c9d283b160bd828628aeb9fcaaf7c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_except_handler3
_cexit
_XcptFilter
_exit
_c_exit
_strlwr
strtok
strstr
strchr
_controlfp
exit
strncpy
_strnicmp

kernel32

GetExitCodeProcess
GetModuleFileNameA
GetStartupInfoA
lstrcmpiA
GetLastError
GetCurrentThreadId
Sleep

advapi32

RegisterServiceCtrlHandlerA
OpenServiceA
CreateServiceA
ChangeServiceConfig2A
ControlService
DeleteService
StartServiceA
QueryServiceStatus
StartServiceCtrlDispatcherA
SetServiceStatus
OpenSCManagerA
CloseServiceHandle

user32

GetMessageA
DispatchMessageA
PostThreadMessageA
wsprintfA

shell32

ShellExecuteExA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 172KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ