a182dcee7244c76a41723779f6e77af7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a182dcee7244c76a41723779f6e77af7_JaffaCakes118
Size

242KB
MD5

a182dcee7244c76a41723779f6e77af7
SHA1

3b8fa08aac4ac41a4a029218a2eb442b84b08d1a
SHA256

c2a9240fd81f511209e47e7f550491cebaa25ca0163da5c4e90323d6cf068411
SHA512

bfc589e61dca60e41b4bcb822580a43a41d5861f8521f161bc0ac9d3548285a46f210b635e84921d72653418faff331e9e3d2f1909300a71341fed3019a7daa7
SSDEEP

6144:QS6LWJEEP5gVC0Dr/GtZvt9wNG5fHU7CiQhOQ:QS66EEPVKreL/kJ7CiWf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a182dcee7244c76a41723779f6e77af7_JaffaCakes118

Files

a182dcee7244c76a41723779f6e77af7_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97230de7cd48723c38267bbd8da19cf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
lstrlenA
GetLastError
GetProcAddress
CloseHandle
WriteFile
SetFilePointer
CreateFileW
ExpandEnvironmentStringsW
LoadLibraryA
OutputDebugStringW
lstrlenW
GetModuleHandleW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetSystemInfo
IsDebuggerPresent

user32

MessageBoxA
wsprintfA
wsprintfW

Exports

Exports

ServiceMain

Sections

.text
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ