0956cb040b084392f208b7c76fed3797_JaffaCakes118 | Triage

Sharing

General

Target

0956cb040b084392f208b7c76fed3797_JaffaCakes118
Size

22KB
MD5

0956cb040b084392f208b7c76fed3797
SHA1

be5d2241a13e4800ee83847175f32c28797115be
SHA256

05b2a07a0dc992832f237262891428be4060b5af64ef9aed573f912c113ed9ab
SHA512

3bb202e9326e262129bccf8bd7dd93f51e8a255bdd1c2d131a639ab1a2ac45c29207105f07816e88e85e7b43e133c8d762542c7f687ec82aaf6b9469e0583085
SSDEEP

384:7O/zMMg/GnkZ18O/zN+5g0BaYm34YBcgMMMI7iYZW94x:7az6GnNazN50gYm3BMMMIO/+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0956cb040b084392f208b7c76fed3797_JaffaCakes118

Files

0956cb040b084392f208b7c76fed3797_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4050b8f82bb259994ce41e4269599033

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
Sleep
lstrlenA
GetLastError
ResumeThread
CreateProcessA
SetThreadPriority
GetModuleFileNameA
SetPriorityClass
GetCurrentProcess
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
GetModuleHandleA
CopyFileA
LoadLibraryA
GetSystemDirectoryA
FreeResource
lstrcatA
FindResourceA
SizeofResource
LoadResource
LockResource
GlobalAlloc
CreateFileA
WriteFile
CloseHandle
GetCurrentThread
GetStartupInfoA

comdlg32

GetFileTitleA

advapi32

RegCreateKeyExA
StartServiceCtrlDispatcherA
OpenSCManagerA
CreateServiceA
OpenServiceA
StartServiceA
CloseServiceHandle
RegisterServiceCtrlHandlerA
SetServiceStatus
RegOpenKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

msvcrt

sprintf
strstr
strncmp
_except_handler3
exit
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ