a8dd7a627d0f8cbd03dd6b656aada965_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a8dd7a627d0f8cbd03dd6b656aada965_JaffaCakes118
Size

297KB
MD5

a8dd7a627d0f8cbd03dd6b656aada965
SHA1

d49be9842ab6332214ce8627aa56b84c242ab9fe
SHA256

b263e370a85e9a31d121e046b541436c9e3df00bf879ccc90437b56cb21cc4bb
SHA512

c2743f38cfd8f18198b5db8c2ec7f4686bff0e51a058c1364643c2acf981dbd0eebf26ff2964b8333f01c10271c0f448859cf08ba38a0074460c6598683b8ac7
SSDEEP

6144:o4HW1V1ukcUsSKtuWiaMICEliGByy6MeZxJNKNP:o3Vco3KtuW3M1ElNIBTJU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8dd7a627d0f8cbd03dd6b656aada965_JaffaCakes118

Files

a8dd7a627d0f8cbd03dd6b656aada965_JaffaCakes118
.dll windows:4 windows x86 arch:x86

97133efb8aadaf33b4ed0c0f788b0b15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
CloseServiceHandle
ControlService
CreateServiceA
DeleteService
OpenProcessToken
OpenServiceA
QueryServiceStatus
SetSecurityDescriptorDacl
StartServiceA

ole32

CoCreateGuid
CoCreateInstance
CoDisconnectObject
CoGetClassObject
CoInitialize
CoLockObjectExternal
CoRegisterMessageFilter
CoResumeClassObjects
CoUninitialize
CreateBindCtx
CreateDataAdviseHolder
OleFlushClipboard
ReleaseStgMedium
StgCreateDocfileOnILockBytes
WriteClassStm

kernel32

lstrcpyA
VirtualAlloc
OpenFile
GetLastError
EnumResourceNamesA

Exports

Exports

Eff
Vui

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 177KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ