3cb15d728a9629254e218eef7a2b2b0e_JaffaCakes118 | Triage

Sharing

General

Target

3cb15d728a9629254e218eef7a2b2b0e_JaffaCakes118
Size

8KB
MD5

3cb15d728a9629254e218eef7a2b2b0e
SHA1

2662f2a5f11b411ef5aed926c1bacada249fc7d0
SHA256

e2804e96ec0aaa70e9fb0f4496a088c9343c65759b2017e78828bf4ecf81c042
SHA512

34020d2a6de545dccbe8135c3631767b25963fe52be5e53ad10c06aac4617d935dfce0b5eeb759dc2ce9fb1738eca73461d8c0f4e582217e0953decda9cbfb24
SSDEEP

192:U27+qOx6cwX5yJ/Kxmailv4ccGv4xl2ylPlO2T++:U5Tx6ck5Sv41QiplPlOu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3cb15d728a9629254e218eef7a2b2b0e_JaffaCakes118

Files

3cb15d728a9629254e218eef7a2b2b0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

686c3fed197408f3ee7266004847a5ef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetWindowsDirectoryA
GetLastError
GetProcAddress
GetTickCount
GetCurrentProcessId
FreeLibrary
GlobalMemoryStatus
GetVersionExA
Sleep
ExitProcess
GetPrivateProfileStringA
DeleteFileA
GetModuleFileNameA
WinExec
GlobalAlloc
GlobalFree
CreateThread
GetCurrentProcess

user32

ExitWindowsEx

advapi32

RegisterServiceCtrlHandlerA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
DeleteService
CloseServiceHandle
SetServiceStatus
StartServiceCtrlDispatcherA
OpenProcessToken
LookupPrivilegeValueA

ws2_32

closesocket
htons
gethostbyname
inet_addr
recv
setsockopt
send
WSAStartup
connect
socket
sendto
htonl

Sections

.data
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE