76409d7ab026f8cd1b27a3c47259028d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76409d7ab026f8cd1b27a3c47259028d_JaffaCakes118
Size

7KB
MD5

76409d7ab026f8cd1b27a3c47259028d
SHA1

14f2dc010cafbaa0dbd3ff1ff83c6ea26b15972d
SHA256

d80b39bf2c1fc99fed2ae74fc807a6418c161e192068a14fed8cfa017baf4e94
SHA512

ad49269ed80bfef8d5c387a1d6d341d58df660e444bb6c91812f44bb6e900eb492d03610bb0be8f8269fb49700ed0d57eaf55807e79f8fa354b147f271c15b43
SSDEEP

96:oaKVQBsv/Bm3bfiI9QljygBf7Joa+M0bVuVqQW0SN83MgUi/K1g:oZCsQbTQg4ia+ZxuEQWJNeMgdy1g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76409d7ab026f8cd1b27a3c47259028d_JaffaCakes118

Files

76409d7ab026f8cd1b27a3c47259028d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

639d79235e6d20016a7649870e78f152

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
malloc
_initterm
free
strlen
strcat
memset

advapi32

DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
CloseServiceHandle
ControlService

kernel32

FreeLibrary
GetLastError
GlobalFree
LoadLibraryExA
GlobalAlloc
GetProcAddress
GetModuleHandleA
Sleep
DeviceIoControl
WriteFile
DeleteFileA
SetFileAttributesA
MoveFileA
CloseHandle
LockResource
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileA
LoadResource
SizeofResource
FindResourceA
GetSystemDirectoryA
lstrcatA
GetTempPathA

Sections

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ