Static task
static1
Behavioral task
behavioral1
Sample
b95ae2089b9b4c7bb525a1f06e9be6e4_JaffaCakes118.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
b95ae2089b9b4c7bb525a1f06e9be6e4_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
b95ae2089b9b4c7bb525a1f06e9be6e4_JaffaCakes118
Size
21KB
MD5
b95ae2089b9b4c7bb525a1f06e9be6e4
SHA1
51972a2035d7096cd3b900b273c9486507e238cf
SHA256
4974184fbb5df95557df978d6ce6ea501a27f10098398c34368ae8922289416d
SHA512
cfead22a680eb97f5ffc128f4bb212f88e7a5cfd7716f5b5455a82962e7efda83c9e4c7659202a2d54c462f36caa1166f9f259d439827accab9405af6685509d
SSDEEP
384:cjYmQhk1PX5pf5X5X1qi1Oh3nR/vW2RM1GHH7iIh23A3jhmsxeL76Rd/ZqdPCX9C:5Fk1/5pf5Jlqi1enRHW2R0GHHeIh2ujk
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b95ae2089b9b4c7bb525a1f06e9be6e4_JaffaCakes118
Files
b95ae2089b9b4c7bb525a1f06e9be6e4_JaffaCakes118.exe windows:4 windows x86 arch:x86
50194329e039f7615142f3ed88f7fc7f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameA
GetTempPathA
GetWindowsDirectoryA
GetTickCount
RtlUnwind
CreateFileA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
WriteFile
CloseHandle
CreateProcessA
ReadFile
IsDebuggerPresent
advapi32
CreateServiceA
CloseServiceHandle
StartServiceA
OpenSCManagerA
Sections
.text Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 682B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 776B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ