ad913b42938e954370765c769fe5249e_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad913b42938e954370765c769fe5249e_JaffaCakes118
Size

27KB
MD5

ad913b42938e954370765c769fe5249e
SHA1

ad202da897c197f9b564a7908c208525f6b215f1
SHA256

dc01e3c5237cfaed23420a74a6c45f5875d23c0f98d7873bd92a552b1d9b7388
SHA512

762c8e59834fcc885b279cfe3fc5b4637773892b2ab9ea5e672afb422a35f477574dcb4d3cf3e77cfe17f6d442f469f3c4abb5acb10c76bd08430d18d1c60c97
SSDEEP

768:KLyBndD0/3J+LKZsNbukrRbAibxjozD6:7ndDcZ+uZsNbFrRXbxjOD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad913b42938e954370765c769fe5249e_JaffaCakes118

Files

ad913b42938e954370765c769fe5249e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdffd07d165c5cf4ab55f90664e44e5f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
lstrlenA
CreateFileA
lstrcatA
GetTickCount
GetTempPathA
CreateToolhelp32Snapshot
ReadFile
SetFilePointer
GlobalAlloc
GetFileSize
LoadLibraryA
Sleep
GetCurrentThreadId
Process32First
GetCurrentProcessId
GetModuleFileNameA
Process32Next

user32

wsprintfA
PeekMessageA
PostThreadMessageA

advapi32

ControlService
OpenSCManagerA
OpenServiceA

shell32

ShellExecuteA

Sections

.text
Size: 912B - Virtual size: 898B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 960B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ