Static task
static1
Behavioral task
behavioral1
Sample
8d4f276a102726184a17fffd2d507f8f_JaffaCakes118.dll
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
8d4f276a102726184a17fffd2d507f8f_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target: 8d4f276a102726184a17fffd2d507f8f_JaffaCakes118
Size: 11KB
MD5: 8d4f276a102726184a17fffd2d507f8f
SHA1: f913ae997b8feefb1276e566a8f0ad771bdd8f0b
SHA256: 8bbb936e14de0d723b431b1dffac1056f5312d2e3935a227b29bb7a8a623dc42
SHA512: 19e7030d78c96e066fffc2a3a3f1780ce9ebda6dae134efd2a99e19e778d216ca741db3ea2390a3a3a34e75f30a66ebad80628fa8df7fae2e1b5dd4d854f5d40
SSDEEP: 192:GsF4UyuVaaWFPWQ03HPSB3PmClsnonOofC:/yuVaaWFPWddroy
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8d4f276a102726184a17fffd2d507f8f_JaffaCakes118
Files
8d4f276a102726184a17fffd2d507f8f_JaffaCakes118.dll windows:4 windows x86 arch:x86
609a1535af30e1933470cefba7849e5e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateFileA
MoveFileExA
MoveFileA
GetSystemDirectoryA
GetTickCount
WriteFile
SizeofResource
LoadResource
FindResourceA
TerminateThread
CloseHandle
FreeResource
GetWindowsDirectoryA
Sleep
DeleteFileA
CreateThread
LockResource
advapi32
DeleteService
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
CloseServiceHandle
ControlService
msvcrt
__CxxFrameHandler
sprintf
rand
srand
free
_initterm
malloc
_adjust_fdiv
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 302B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ