da7e2c270a0144059de02e75e1eb37b0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da7e2c270a0144059de02e75e1eb37b0_JaffaCakes118
Size

20KB
MD5

da7e2c270a0144059de02e75e1eb37b0
SHA1

2d185f848f91928ba750bd3bb8cf77c81970f2d3
SHA256

5ac141b94541ce351e0d51d8770e9dfeecd344f3337829d98c763a4d2fa35f05
SHA512

10d1db9d78d1579f9a5737a2611383f332c9a6c4f1935e4369e0d7a91908a4d0a8d4da7a8ba9266ce88aa9a66972f3c598b4d309140d7710b22f1f176e6d3a4f
SSDEEP

192:cCw6lOKcwX5Qvl4HWrBNGX8POvTnE8485HZZnnEnPzdpObUPxLUPPgce2l230Fxf:cOFcwXevHrBcNnuppDxLUrl2kFxD5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da7e2c270a0144059de02e75e1eb37b0_JaffaCakes118

Files

da7e2c270a0144059de02e75e1eb37b0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de172f8cf25975afd8c63783ac7047cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenUrlA
InternetGetConnectedState
InternetReadFile
InternetOpenA
InternetCloseHandle

urlmon

ObtainUserAgentString

kernel32

CloseHandle
WriteFile
CreateFileA
lstrlenA
lstrcpyA
Process32Next
lstrcmpA
Process32First
CreateToolhelp32Snapshot
TerminateProcess
GetExitCodeProcess
OpenProcess
Sleep
GetSystemTime
WinExec
lstrcatA
GetCurrentProcess
GetVolumeInformationA
GetSystemDefaultLangID
HeapAlloc
GetProcessHeap
LoadLibraryA
CreateRemoteThread
MapViewOfFile
CreateFileMappingA
GetProcAddress
GetModuleHandleA
GetLastError

advapi32

ControlService
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
CloseServiceHandle

user32

wsprintfA

Sections

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE