f46f6141fa9d97834f9f1904b28e4565_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f46f6141fa9d97834f9f1904b28e4565_JaffaCakes118
Size

6KB
MD5

f46f6141fa9d97834f9f1904b28e4565
SHA1

4e81726f0f63b62b00cb33689afa865aa0fb810b
SHA256

6348af4ecad0fa76baa0eceacf5ca7077ba84d2ccdc4d9c1d57aa0502e3146cd
SHA512

f493828a5eee3457e81e3618193ecc64416cdd411b6b3e8b8616027b9d54c97475b355cf379d64ae8afc521ef6979b155499bbd06707db0e05c8fedba4857e3c
SSDEEP

96:kzqNpsRqKxQ1Goxe64Hx0NBpaXECnqAis9AIe9B2Ip:kzIsRqKSV3ax09aX5qAR9AINIp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f46f6141fa9d97834f9f1904b28e4565_JaffaCakes118

Files

f46f6141fa9d97834f9f1904b28e4565_JaffaCakes118
.exe windows:4 windows x86 arch:x86

786d5efc7907e0692a127d6f2a3893cd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
SetTimer
RegisterClassExA
PostQuitMessage
KillTimer
GetMessageA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
wsprintfA

kernel32

SystemTimeToFileTime
lstrcatA
lstrlenA
lstrcpynA
lstrcpyA
CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetSystemDirectoryA
GetSystemTime
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
Sleep
WinExec

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

wsock32

inet_ntoa
htons
gethostbyname
WSAStartup
socket
listen
bind
WSACleanup
closesocket

wininet

FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
InternetGetConnectedState

urlmon

URLDownloadToFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE