bb9e3b16000cd1a2ed50df4ce9c40efd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb9e3b16000cd1a2ed50df4ce9c40efd_JaffaCakes118
Size

84KB
MD5

bb9e3b16000cd1a2ed50df4ce9c40efd
SHA1

78dabe2bc87b410a7dffb97045af45dbc6aee222
SHA256

18317f9def6acaedf87a290443c972f0d8f8a6ec11008883e06e10a1ff9a1573
SHA512

48c651d9231ec1f7311ab16eaedce7c7120485a2a93947735a7ad630b8749bc55e3a4433caf53a202d085a0992014f53210a9713b697161000a42c98867efcd8
SSDEEP

1536:A0HSozHifrHWkIUp1BxFP22khdCO8YRgUFnToIfnJT0h:1HTMr2kBp1Bi2IdCO8YRbtTBfnJT0h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb9e3b16000cd1a2ed50df4ce9c40efd_JaffaCakes118

Files

bb9e3b16000cd1a2ed50df4ce9c40efd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8be5697bd9240bcd020dd7c581a32732

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLastError
GetTempPathA
GetTempFileNameA
CopyFileA
DeleteFileA
GetWindowsDirectoryA
GetModuleFileNameA
GetShortPathNameA
lstrcpyA
lstrcatA
SetPriorityClass
GetCurrentProcess
GetCurrentThread
GetLastError
SetThreadPriority
GetStartupInfoA
GetModuleHandleA

advapi32

RegQueryValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegSetValueExA
CreateServiceA
ChangeServiceConfig2A
RegCreateKeyA
RegDeleteKeyA
StartServiceA
RegOpenKeyExA

shell32

SHChangeNotify
ShellExecuteExA

mfc42

ord6153
ord3790

msvcrt

exit
fclose
fflush
fwrite
fopen
strncat
strncpy
rand
srand
time
strchr
_CxxThrowException
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_exit
_XcptFilter
_stricmp
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE