02050778d37d182171e0ddc631cfe9c9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02050778d37d182171e0ddc631cfe9c9_JaffaCakes118
Size

33KB
MD5

02050778d37d182171e0ddc631cfe9c9
SHA1

e2f6813e806e152dae32391acd9efd31b1799db4
SHA256

336f718d112305089ec9a17ac7d35c2dba57f56cfd942e7289b04c31c01ea823
SHA512

c74eb0278e43671097e115fec181f392987f3b89e0bd254a5139b6122070bc63819cb2e271c437e46023acb7e92efd52dde71264a54494a3f803ddd6644ccaaf
SSDEEP

384:kz7RtAyFvQQFaN12+rE2g7DMcKLVypsSZ+PI4UQwea+7NVshq:k7RtZFaNU+Ib7DMcKRi8I4UsN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02050778d37d182171e0ddc631cfe9c9_JaffaCakes118

Files

02050778d37d182171e0ddc631cfe9c9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57e54edf0cfa51944d3c03dd9bfaa86c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
GetLogicalDriveStringsA
GetLocaleInfoA
GetSystemDirectoryA
FindFirstFileA
Sleep
GetComputerNameA
FindNextFileA
CreateFileA
GetFileSize
ReadFile
WriteFile
CloseHandle
DeleteFileA
CopyFileA
GetModuleFileNameA
ExitProcess
CreateToolhelp32Snapshot
Process32First
TerminateProcess
Process32Next
GetLastError
OpenProcess
GetVersionExA

user32

wsprintfA
ExitWindowsEx

gdi32

CreateDIBSection
CreateCompatibleDC
BitBlt
GetDIBColorTable
DeleteObject
DeleteDC
GetDeviceCaps
CreateDCA
SelectObject

advapi32

GetUserNameA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

ShellExecuteA

msvcrt

strcspn
strstr
atoi
strncpy
rename
fputc
exit
printf
malloc
_ftol
fclose
free
fread
fopen

wsock32

inet_addr
recv
send
WSACleanup
closesocket
connect
socket
htons
ioctlsocket
gethostbyname
WSAStartup

Sections

.text
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE