30f278ca972b18294af2a45ae0659f5a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30f278ca972b18294af2a45ae0659f5a_JaffaCakes118
Size

16KB
MD5

30f278ca972b18294af2a45ae0659f5a
SHA1

af12fe9f2212ed96f1e5b8da8cd4993a2a696bd2
SHA256

df3e9db4ec3ee5ef65a9ed6869c96fa6c05c5551c22f43782c57876d8723ba27
SHA512

553100bd095e3738653e3695088013783b6a2be539766ea9d761a61ece79e6d704d86f5d1e7bed3f102e262215ed163d4da47a7040bb34e74c6c1f1e4f350847
SSDEEP

48:yf76WDWCj5PrfhOdfoVLucVVVkBr6AvdZ+qGJaZTs:m6WKS5PrfhOfoFVVVkMEAqQgTs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30f278ca972b18294af2a45ae0659f5a_JaffaCakes118

Files

30f278ca972b18294af2a45ae0659f5a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d6a1a583d058ec8ca820ed23f1aee631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
MoveFileA
GetCommandLineA
GetStartupInfoA
CreateProcessA
GetWindowsDirectoryA
SetCurrentDirectoryA
CopyFileA
Sleep
ExitProcess

advapi32

RegisterServiceCtrlHandlerA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
SetServiceStatus
StartServiceCtrlDispatcherA

Sections

.text
Size: 4KB - Virtual size: 666B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.packet
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE