0011f84f8d06ba3a8e4a3a548e03162f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0011f84f8d06ba3a8e4a3a548e03162f_JaffaCakes118
Size

24KB
MD5

0011f84f8d06ba3a8e4a3a548e03162f
SHA1

12432f2d474aa7b81f6a407850c883648833e002
SHA256

69437e150cee1d5ff1f365bf506127dcafa2f0495ed4919321e6047d6a887ee7
SHA512

881b542108c95c4e00c4b01287d99745e7c163bc8513c717f621b8cc2ff05543cabe9cc6f16807605392058850b3b432e12af56965221a9bdbc38396e4106a4d
SSDEEP

192:8JXwumWdrUGz8CVQb8CN72TuUSiixmPTrzkiqpJ2fn4qD/cPS/MaMYM6ki/F6TCf:AN4Gl/zuZxKHzkdlPsLki/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0011f84f8d06ba3a8e4a3a548e03162f_JaffaCakes118

Files

0011f84f8d06ba3a8e4a3a548e03162f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ce715250283afddeca4b324c92f1c27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
GetTickCount
SetLastError
CloseHandle
WriteFile
CreateFileA
DeleteFileA
OutputDebugStringA
GetVersionExA
GlobalMemoryStatus
GetCurrentProcess
WinExec
GetModuleFileNameA
GlobalFree
WritePrivateProfileStringA
LoadLibraryA
GetProcAddress
CreateThread
CreateMutexA
GetLastError
GlobalAlloc
ExitProcess
Sleep
GetSystemDirectoryA

user32

ExitWindowsEx

advapi32

StartServiceCtrlDispatcherA
DeleteService
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
ChangeServiceConfig2A
CloseServiceHandle
OpenServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
ControlService
QueryServiceStatus

ws2_32

send
closesocket
recv
WSAStartup
WSACleanup
sendto
htonl
htons
setsockopt
socket
connect
bind
gethostname

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 909B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE