7300e2d227a21ea89e8732f5baa425bf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7300e2d227a21ea89e8732f5baa425bf_JaffaCakes118
Size

11KB
MD5

7300e2d227a21ea89e8732f5baa425bf
SHA1

d67e28d1f227dad46eeb46207c021fa10a9bef13
SHA256

473205e190d519ebe74ae49e57a99b3f0b450aa670d65842b806b5c249d4295b
SHA512

16843becf93e88a3f8b3780476c804aaefbfa11519e7dabd000e3f93dc302a29062c23954f6c4671bbcdf85d308b36a529c47279771c209f510f5615cadc697e
SSDEEP

192:9BsUkftmWkPF8aJ5zqAXIQLm3WSfCEKcmMAzGV:9BsUcUWaHzqAXIem3WSfCEKY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7300e2d227a21ea89e8732f5baa425bf_JaffaCakes118

Files

7300e2d227a21ea89e8732f5baa425bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8ab09d4a3fed640d2dc029d540b389c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
TerminateProcess
WaitForSingleObject
CreateProcessA
ResumeThread
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
GetEnvironmentVariableA
GetShortPathNameA
GetModuleFileNameA
ReadFile
SizeofResource
FreeLibrary
GetProcAddress
SetFileAttributesA
GetSystemDirectoryA
GetLastError
DeviceIoControl
GlobalFree
LoadLibraryExA
GlobalAlloc
GetModuleHandleA
LoadResource
CreateFileA
LockResource
WriteFile
CloseHandle
lstrcpyA
lstrcatA
DeleteFileA
GetFileSize
ExitProcess

advapi32

OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
RegOpenKeyA
RegOpenKeyExA
RegEnumValueA
RegCloseKey
StartServiceA

msvcrt

strrchr
??3@YAXPAX@Z
??2@YAPAXI@Z
strchr

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ