15315cf5ee5c8fc66f1bf35c3331cf98_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15315cf5ee5c8fc66f1bf35c3331cf98_JaffaCakes118
Size

561KB
MD5

15315cf5ee5c8fc66f1bf35c3331cf98
SHA1

3d9e07432a8267a9c0aad6e717bb774ac2b86008
SHA256

eeb406171ca363efbd8621fb13c0149c6c6bcefa047c83a9934b8ba9cbb59aea
SHA512

b40b11e97be472f8466dcd8cfb69abd5dc3e15aa54228d11e0b64f78747297cc77f47d30223075f761259607a8ecd5473012620cfbb3348ebb3706c3283dfbfb
SSDEEP

12288:oUU3csJ6w5p6RqvaviJz7uy4FLDwiYhCLNfo0Y/E4zxf:bU3ckf68a6Jz7uBuzhCLpMc4Nf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15315cf5ee5c8fc66f1bf35c3331cf98_JaffaCakes118

Files

15315cf5ee5c8fc66f1bf35c3331cf98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2671b0bf7209b6a2db8256406df1f2fc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
FindResourceExA
FreeResource
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
LoadLibraryA
ExitProcess
ReleaseMutex
SizeofResource
Sleep
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WriteFile
CreateThread
CreateMutexA
CreateFileA
CloseHandle
LoadResource

shell32

SHGetFolderPathA
FreeIconList

advapi32

OpenServiceA
CloseServiceHandle
DeleteService
EnumServicesStatusA
OpenSCManagerA
ControlService

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ