afdc6e13ede6a4aea50391bedf16428f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

afdc6e13ede6a4aea50391bedf16428f_JaffaCakes118
Size

44KB
MD5

afdc6e13ede6a4aea50391bedf16428f
SHA1

c5764397168fbd65849963fb9807630c396b1f30
SHA256

aa1ca738aad957359b9d0b412978690c1e92f2daea166cec79eae2b408739484
SHA512

617f560bab65288c56f7d4b3b6ed5a53235951c0fab352735f021fcd08222a00b07ad6c5707091bc4803841f3e5581d06c1219b962094725b9b41fbf57a13c32
SSDEEP

768:/mHADZcKd7pdkZlIz1kq9vQNvu1/a0z11:/ltuez1kq9v8Y/j51

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
afdc6e13ede6a4aea50391bedf16428f_JaffaCakes118

Files

afdc6e13ede6a4aea50391bedf16428f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd7a7a61892d87f2c89c87cedf8429b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetFileInformationByHandle
GetSystemDirectoryA
CloseHandle
FindFirstFileA
FindClose
DeleteFileA
SetLastError
Sleep
WriteFile
SetFileTime
GetModuleFileNameA
CreateFileA
SetFilePointer
ReadFile

user32

GetMessageA
GetInputState
PostThreadMessageA

advapi32

ControlService
RegQueryValueExA
OpenSCManagerA
CloseServiceHandle
CreateServiceA
ChangeServiceConfig2A
RegCreateKeyA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
DeleteService
QueryServiceStatus
OpenServiceA
RegOpenKeyExA

ws2_32

inet_ntoa
WSAStartup
WSACleanup

msvcrt

strcmp
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
strcpy
memcpy
memset
strncat
strlen
strncpy
printf
sprintf
strcat
_stricmp
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE