2ed2cf6258a9621d42feffcea5be5307_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2ed2cf6258a9621d42feffcea5be5307_JaffaCakes118
Size

9KB
MD5

2ed2cf6258a9621d42feffcea5be5307
SHA1

778f164c3f4b62831e5bc2138fc7ee9cb971a9a1
SHA256

114483bd5fa8cfa2e1d21bc2e86419f08672c0730ad086ce35a03f74e07a41c9
SHA512

310b1895bfae0f6b3b008a718e105bcfa2fbe66c92a909d145bd00e10ba0bac8439728270fd4d4f1c782d8d5b31e67df9b9aee72ec8c4cae7143190c8549bcdf
SSDEEP

192:bf2Mvmox4ztEmPafv999Tu+n5GRx+Hb9J:z2vox4pNST1GTu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ed2cf6258a9621d42feffcea5be5307_JaffaCakes118

Files

2ed2cf6258a9621d42feffcea5be5307_JaffaCakes118
.dll windows:4 windows x86 arch:x86

93b0ba38caada4082a547a0248eb56ac

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CreatePipe
PeekNamedPipe
GetLocalTime
ReadFile
WriteFile
CloseHandle
FreeConsole
GetComputerNameA
Sleep

advapi32

RegSetValueExA
RegCloseKey
SetServiceStatus
RegisterServiceCtrlHandlerA
RegOpenKeyExA

msvcrt

??2@YAPAXI@Z
atol
??3@YAXPAX@Z
fread
strcmp
sprintf
strrchr
ftell
fseek
fclose
strlen
fopen
fwrite
atoi
strstr
memcpy
wcstombs
strncpy
strcpy
sscanf
memset
strcat
free
_initterm
malloc
_adjust_fdiv
_strnicmp

wininet

InternetReadFile
HttpQueryInfoA
InternetOpenUrlA
InternetOpenA
HttpEndRequestA
InternetWriteFile
HttpSendRequestExA
HttpSendRequestA
InternetSetOptionA
InternetQueryOptionA
HttpOpenRequestA
InternetConnectA
InternetCloseHandle

Exports

Exports

InstallA
InstallService
RemoveA
ServiceMain
UninstallService

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 468B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ