f9d29682ca170574aa1b4646aa1ea764_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f9d29682ca170574aa1b4646aa1ea764_JaffaCakes118
Size

13KB
MD5

f9d29682ca170574aa1b4646aa1ea764
SHA1

f586d51545a2709b44d8f0bb5afd141399a1a197
SHA256

5ffb88dd596b6d51a018d4a996507a5dc73b9297822dd2b34e181ec1ebe4a7d3
SHA512

57d4737ed751fdab6ca639dd8537aa69e53c5d854b67f438c433a4f074609e09067239959c3f746ab70575d3921fc9281cb4648b71278f351074648d5189877d
SSDEEP

384:dpBhU6kAqYYAkTx/uz+1K89mIbVaEHzpHzNcV+KG6o:dpBhYAcAkTE+1BJDTpTNA+8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d29682ca170574aa1b4646aa1ea764_JaffaCakes118

Files

f9d29682ca170574aa1b4646aa1ea764_JaffaCakes118
.exe windows:4 windows x86 arch:x86

af1660f0a4d4224aa7b61fd966b17259

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetProcAddress
GetTickCount
GetWindowsDirectoryA
GlobalAddAtomA
GlobalAlloc
GlobalDeleteAtom
GlobalFindAtomA
GlobalFree
LoadLibraryA
ExitThread
LocalFree
ReadFile
SetFilePointer
Sleep
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
ExitProcess
DeleteFileA
CloseHandle
CreateThread
CreateProcessA
CreateFileA
LocalAlloc

user32

FindWindowExA
FindWindowA
GetClipboardData
SendMessageA
wsprintfA

ws2_32

gethostname
getsockname
htonl
htons
inet_ntoa
listen
gethostbyname
select
send
shutdown
socket
WSAStartup
WSACleanup
connect
closesocket
bind
accept
recv
__WSAFDIsSet

advapi32

RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyA
RegCloseKey

shell32

ShellExecuteA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ