28d44703b46cb0c225f6c08ae0028e9f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28d44703b46cb0c225f6c08ae0028e9f_JaffaCakes118
Size

8KB
MD5

28d44703b46cb0c225f6c08ae0028e9f
SHA1

355057f0dea3341065892b66ed5ba3dc64f5eeab
SHA256

25c49951bef327684b3c6567c3ce10e3a79f7a6a0f58ddab37416dca19e3830c
SHA512

b44c6bfceade9793444440e757250e75e745349d97236a0a4eb1b05167e67148fc8a4b2512ea7ecd37b25cecb5815c35b93a49e38a9a2630c20aca3656f3fe04
SSDEEP

192:mCVlV+qO2nChZj5UKPitLvexmv+XIpH1Vl09PyO2T++:NMTnh15zP+Lvexmv+XIpH1E9PyOu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d44703b46cb0c225f6c08ae0028e9f_JaffaCakes118

Files

28d44703b46cb0c225f6c08ae0028e9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf4bb16cdbe025a229b616caaffa22d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetWindowsDirectoryA
GetLastError
GetProcAddress
GetTickCount
GetCurrentProcessId
FreeLibrary
GlobalMemoryStatus
GetVersionExA
GetPrivateProfileStringA
GlobalFree
DeleteFileA
GetModuleFileNameA
WinExec
CreateThread
ExitProcess
GlobalAlloc
Sleep
GetCurrentProcess

user32

ExitWindowsEx

advapi32

RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
DeleteService
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA
OpenProcessToken
LookupPrivilegeValueA

ws2_32

send
closesocket
connect
setsockopt
socket
htons
gethostbyname
inet_addr
recv
WSAStartup
sendto
htonl

Sections

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE