4be26979106bdc1a90b7839973d615ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4be26979106bdc1a90b7839973d615ad_JaffaCakes118
Size

14KB
MD5

4be26979106bdc1a90b7839973d615ad
SHA1

60488b6d1c2a2fbb548bb1ab0eb26d35f0324afd
SHA256

410a407df2e4700d5389f89db2c81fb705828e71ec7cc414d9c9a5b526151802
SHA512

0101a9ee7c2edb8d317007d600bf26a94545bb67f69febb27150ea45abb4216d727dc273310417c11ffb202387dfffa10509348337e91e7ac86f2741a1cbfff2
SSDEEP

192:y0hi5qslZlh78Xxgwpdj/mc0p1TwN6+XvGMUakxb8xye89cSUoync1O41CUi+SNd:y0aHpgdixk6tkyH9cHq1R1CUpSr/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4be26979106bdc1a90b7839973d615ad_JaffaCakes118

Files

4be26979106bdc1a90b7839973d615ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cc48015ce33f342d371d255a23b9707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
TerminateProcess
SetConsoleMode
VirtualAlloc
VirtualFree
CloseHandle
GetStartupInfoA

advapi32

ControlService
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
SetServiceStatus
AdjustTokenPrivileges
LookupPrivilegeValueA
CloseServiceHandle

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoRevokeClassObject
CoSuspendClassObjects
CoTaskMemAlloc
CoTaskMemFree

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
strchr
atoi
strncmp
memmove
fclose
fread
fseek
fopen
exit
free
realloc
strlen
malloc
strcmp
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
_strcmpi

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ