59bae02d8094ed124ddc67b44b035c9e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59bae02d8094ed124ddc67b44b035c9e_JaffaCakes118
Size

8KB
MD5

59bae02d8094ed124ddc67b44b035c9e
SHA1

591517db4f66406b77089c05bb1857d86395637b
SHA256

5542fd267da7653ab7a9dfd11aa14c94f9f1872798c84b497b809dbc50420850
SHA512

69d41c5955053d39c838f8cc9de99c4ca273efd094d8d4fb7f6c3248a041b2ca8af4222339ae10d42bf8415c3eac8b8f1261c5d657b6d641febf5104f574fee4
SSDEEP

96:wCYyVsWhj7rnnnuP+ebA1Ptboyny7y+EBMd8FRP0Vv/yn3WQh:whyDjXnM+e81P1oynyW+eP7P0tynmQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59bae02d8094ed124ddc67b44b035c9e_JaffaCakes118

Files

59bae02d8094ed124ddc67b44b035c9e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1ac71ceb6f4a4362663dbf36d1c17d49

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
FreeResource
LoadResource
SizeofResource
FindResourceA
WinExec
lstrcatA
GetFileTime
GetModuleFileNameA
MoveFileW
DeleteFileW
lstrcatW
lstrcpyW
Sleep
SetFilePointer
GetCurrentThread
WriteFile
SetEndOfFile
FlushFileBuffers
SetFileTime
CloseHandle
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetStartupInfoA

advapi32

RegCloseKey
OpenSCManagerA
OpenServiceA
QueryServiceStatus
ControlService
StartServiceA
RegOpenKeyExA
RegSetValueExA
CloseServiceHandle

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ