f86d765d2d28f2de214cf6d7115ba142_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f86d765d2d28f2de214cf6d7115ba142_JaffaCakes118
Size

3KB
MD5

f86d765d2d28f2de214cf6d7115ba142
SHA1

0e926682b73ec16424bd11796ff108a96c8099bc
SHA256

50b29c66e593bc68f3018343fbe1cb996623542d3871987c3b830a93985236c1
SHA512

bbf18360c19ddd418e2422663f4d6963b4a717d5dfe26ae0f3d1b5daf76a868dca090d2b7ff16150b54a6bdd67d5413bd074b0a1157446ca97db65d02e95a896

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f86d765d2d28f2de214cf6d7115ba142_JaffaCakes118

Files

f86d765d2d28f2de214cf6d7115ba142_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6338ffa4781ce9ab8456902b085ea3ba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
DisableThreadLibraryCalls
Sleep
CloseHandle

wsock32

htons
closesocket
send
recv
__WSAFDIsSet
accept
setsockopt
connect
socket
gethostbyname
ioctlsocket
htonl
listen
bind
WSAStartup
select

wininet

InternetGetConnectedState

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ