73a5561f841ece6eeec364f2f73fcf03_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73a5561f841ece6eeec364f2f73fcf03_JaffaCakes118
Size

16KB
MD5

73a5561f841ece6eeec364f2f73fcf03
SHA1

d9653ea37c4b47d639bf7127927f2537241cff02
SHA256

20bea69b383bbb28fc62e24e81bea86dd1be0d4b0d4d0e443dbc11e28b608a69
SHA512

568ee40e84a4fa1b7e7ae78b23b11f150afe647779dc87e4e92a69993185dde47a0c95a8b608df19df3e49aefd27f148a6ddc68b5c35f32d7468db4483ab6e7c
SSDEEP

192:+GZnUqe9KZrLjqO82gt3mosFgO74xfQrVBRHeNiZrFEAGFaV/7WGb4tid1msdSzr:ldTXgt3mo2IorQD7ooJyytyM7Mo9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a5561f841ece6eeec364f2f73fcf03_JaffaCakes118

Files

73a5561f841ece6eeec364f2f73fcf03_JaffaCakes118
.exe windows:4 windows x86 arch:x86

043b8beeabc5e8cf2b904c8bee77d13d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetWindowsDirectoryA
LockResource
GlobalAlloc
SetFileAttributesA
SizeofResource
FindResourceA
CreateFileA
WriteFile
CloseHandle
GetCommandLineA
LoadResource
WinExec

advapi32

CreateServiceA
CloseServiceHandle
ChangeServiceConfig2A
StartServiceA
OpenSCManagerA

Sections

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ