e9f8e7189371cc2c5cef99db7d06631b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e9f8e7189371cc2c5cef99db7d06631b_JaffaCakes118
Size

15KB
MD5

e9f8e7189371cc2c5cef99db7d06631b
SHA1

02043008c6ece1b4414fd00220810369a3434e70
SHA256

5be2a2e70b1c4f62f5b3bb7dc4faf8ff3583515204fc8c06ed0290f66fcda24d
SHA512

973e51df6de6fd86685a3fc8e560f1b52648d7e72ad06eec76ecc6c21fea11b5b08ae8410063f3add10ab4433eece758b350146dd1d31bbc616fb017f8ceadd0
SSDEEP

384:6PVCF3GnEBj+OcPfyGPOroFFccgTlxDIZb4:iVqjGffOrgvgjDI6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e9f8e7189371cc2c5cef99db7d06631b_JaffaCakes118

Files

e9f8e7189371cc2c5cef99db7d06631b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9c9832b5bcf9906b6f29af7ac08414c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemDirectoryA
GlobalMemoryStatus
ExitThread
CreateProcessA
DeleteFileA
GetTempPathA
ExitProcess
GetTickCount
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetLastError
FindClose
OpenProcess
GetProcAddress
LoadLibraryA
GetCurrentProcessId
CopyFileA
GetModuleFileNameA
GetVersionExA
lstrcatA
FindFirstFileA
FindNextFileA
lstrcpyA
GetDriveTypeA
Sleep
CreateThread
TerminateProcess

advapi32

RegSetValueExA
OpenSCManagerA
OpenServiceA
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

shell32

ShellExecuteA
SHGetFileInfoA

msvcrt

__set_app_type
_controlfp
printf
sprintf
fclose
fread
fseek
_stat
fopen
fwrite
strstr
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
_except_handler3

ws2_32

send
WSACleanup
WSAStartup
closesocket
sendto
socket
htons
gethostbyname
inet_addr
connect
inet_ntoa
setsockopt
WSASocketA
htonl
recv
WSAGetLastError

Sections

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE