93aefd0829bbfb9af7d11be697f4a924_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

93aefd0829bbfb9af7d11be697f4a924_JaffaCakes118
Size

78KB
MD5

93aefd0829bbfb9af7d11be697f4a924
SHA1

df7a00d0b0ce646df205d5a6e438b100a9ec30d1
SHA256

1d717f17183fd989aca96630b29975cd7581a3585592eaca40159ccd22c5d3d1
SHA512

2b172901e965598e1f404e52c7c9695fb1fbdf3520f3c7338cb27e121e78ab80c400330f0e63113650e6a0277a5b471631a96ddec06da90926baba6e27717a0f
SSDEEP

1536:X9JkjrY/aInmdWYQeBEryjMMQPNmBsD7R7YitY72/tVR3m:X9JkjrMmM4Erw9KNLxqS1VRW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93aefd0829bbfb9af7d11be697f4a924_JaffaCakes118

Files

93aefd0829bbfb9af7d11be697f4a924_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c9c09ee256e898c0607c1e7d3656a71e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetModuleFileNameA
GetTempPathA
DeleteFileA
ExpandEnvironmentStringsA
FindNextFileA
FindFirstFileA
Sleep
lstrcpynA
ExitProcess
CreateThread
GetLastError
CreateFileMappingA
SetErrorMode
GetTempFileNameA
GetVolumeInformationA
CreateProcessA
GetFileAttributesA
lstrcpyA
lstrcatA
GetProcAddress
LoadLibraryA
SetCurrentDirectoryA
lstrlenA
GetModuleHandleA
GetStartupInfoA

advapi32

OpenServiceA
CloseServiceHandle
ChangeServiceConfigA
ControlService
DeleteService
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
OpenSCManagerA

msvcrt

toupper
atoi
malloc
_except_handler3
fclose
ftell
fseek
fopen
fwrite
fputs
fread
memset
strlen
abs
strcat
rand
strcpy
strrchr
strcmp
strtok
srand
__p___argv
__p___argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
sprintf
strstr
_strdup
_strcmpi

Sections

.bss
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE