de57585fd24423b328bbebf886416577_JaffaCakes118 | Triage

Sharing

General

Target

de57585fd24423b328bbebf886416577_JaffaCakes118
Size

7KB
MD5

de57585fd24423b328bbebf886416577
SHA1

4dce82a09f6437f629efb8204fc93afe59ec2eae
SHA256

2c0559eba637a52c983692cf1cabd976998f9491db554aef5c2adc5a61ea7320
SHA512

c58b11525b84666dcac46cdba20ca64a9a94dcc685b206fcd8892a064f56891d5a5802b2aa9b3a799b7875e6b4001b491cf12dcc5a714a187c4afd29a3cfcd09
SSDEEP

96:1s+t+ltCFGOTUS1jqb/iEQ00usK3e4+7KbvnWcnEgvkk:SLY1jUi+3N+7IvnWcPvkk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de57585fd24423b328bbebf886416577_JaffaCakes118

Files

de57585fd24423b328bbebf886416577_JaffaCakes118
.exe windows:4 windows x86 arch:x86

aeb46f58c4389e937d5ee7fa273d0b5d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetTempFileNameW
GetSystemDirectoryW
WinExec
CloseHandle
DeleteFileA
CreateFileA
GetSystemDirectoryA
GetModuleFileNameA
GetModuleHandleA
CreateProcessW
ExitProcess
CreateMutexA
GetLastError
WriteFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind

advapi32

CloseServiceHandle
OpenSCManagerA
OpenServiceA
StartServiceA

user32

wsprintfA

ole32

CoUninitialize
CoCreateInstance
CoInitializeSecurity
CoInitializeEx

Sections

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ