7882b57eac654ccf6e2b6a80fb1c6e46_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7882b57eac654ccf6e2b6a80fb1c6e46_JaffaCakes118
Size

15KB
MD5

7882b57eac654ccf6e2b6a80fb1c6e46
SHA1

a3d25886542a6b1103e824f413ca0111f284e821
SHA256

0f6ec17450d758f2740ec0090c4de30304acaa40f193714be34525ea95f7725e
SHA512

351dc6e1c5149b2705a7b06d71b2e04cc37eac8435bb08f3784cb93a56578eec357556d29c83c71a77f6c4b334dde86f531a367699c1b9f1c705a6c85a18c82d
SSDEEP

384:+nOQyHBDDgqswgqq0rVx2oudw+lp74KPzL+2zUDK81n2:+nTyxX5qdmI2+812

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7882b57eac654ccf6e2b6a80fb1c6e46_JaffaCakes118

Files

7882b57eac654ccf6e2b6a80fb1c6e46_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5a3aea3864592b0fdc728fd8f26a7e28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetModuleHandleA
PeekNamedPipe
GetCurrentProcess
ReadFile
GetCurrentDirectoryA
DeleteFileA
GetVersionExA
GetTickCount
Sleep
CopyFileA
CreateFileA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
LoadLibraryA
GetProcAddress
ExitProcess
DosDateTimeToFileTime
MoveFileA
FindFirstFileA
FindNextFileA
FindClose
CloseHandle
CreateProcessA
WriteFile
DeviceIoControl

user32

MessageBoxA
LoadIconA
TranslateAcceleratorA
GetClipCursor
DrawTextA

advapi32

RegQueryValueW
RegLoadKeyA
RegLoadKeyW
OpenServiceA
QueryServiceStatusEx
ControlService
DeleteService
CloseServiceHandle
AllocateAndInitializeSid
CheckTokenMembership
FreeSid
RegCloseKey
OpenSCManagerA
OpenProcessToken
RegEnumKeyA
RegOpenKeyA
RegDeleteValueA
CreateServiceA
StartServiceA
GetTokenInformation

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE