Static task
static1
Behavioral task
behavioral1
Sample
276204e67ec115743ea05202aaafb9bb_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
276204e67ec115743ea05202aaafb9bb_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
276204e67ec115743ea05202aaafb9bb_JaffaCakes118
Size
21KB
MD5
276204e67ec115743ea05202aaafb9bb
SHA1
f82c259e73dca9d56f64e297114bf7ab67f16c9d
SHA256
bb19f7ade90c8dcd025aa27e889e58af806106806c0501671bcf03d23a078cdc
SHA512
2959f7ee715b78714d0d07723d5e62973b6c024574d29874f2053579d483ba9cf51cb5439075989412dcf8ef4a13c3adcacd6338a2f0491df9d33ec25e070b4a
SSDEEP
384:gJORCA48YotnwNQEU8Wq7ZfweUMY89eVT0cHler6bJGemEvp8JZNZtJ/Bi555eDb:AO+snwqn8WmtTeT0ytJhYtJ/Bi555IKq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 276204e67ec115743ea05202aaafb9bb_JaffaCakes118
Files
276204e67ec115743ea05202aaafb9bb_JaffaCakes118.exe windows:4 windows x86 arch:x86
c0fdf3e193c54fa2bf9cf2c8d3faed27
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesExA
CreateProcessA
Sleep
GetTempFileNameA
GetTempPathA
SetFileTime
GetModuleFileNameA
GetLastError
GetSystemDirectoryA
DeleteFileA
MoveFileExA
DeviceIoControl
CloseHandle
CreateFileA
GetWindowsDirectoryA
GetTickCount
advapi32
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
DeleteService
msvcrt
memset
_strlwr
strlen
fclose
fwrite
fopen
strncpy
fread
strcat
strcpy
sprintf
_stricmp
strrchr
rand
srand
_snprintf
shlwapi
SHSetValueA
setupapi
SetupIterateCabinetA
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 992B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ