083dd5b98f9789dbe27212c3e8071b3b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

083dd5b98f9789dbe27212c3e8071b3b_JaffaCakes118
Size

20KB
MD5

083dd5b98f9789dbe27212c3e8071b3b
SHA1

5a22df6ccb6cc843edcc32ba3bd6083225955515
SHA256

7156679424c182155d7bca7a098595b5cb7a59da2d5eaafa8b5a643a80729a6a
SHA512

55d72d8572d1b018148a0d1986221080846f4cf9b6d239585a159e03296c5d4ca6ee8ea031583e428e865d5f09eca86e9213b532d43354cc60e088219299dfa8
SSDEEP

384:xQAXL6QVgvHDrkbVgKJAlLqNOef6ZENUNBhJZBGKiScI:WAXOQCvjgbVg/Qfg1vZ0KSI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
083dd5b98f9789dbe27212c3e8071b3b_JaffaCakes118

Files

083dd5b98f9789dbe27212c3e8071b3b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

0474e81343c17d03c3c3368b5b4e1ffa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

InternalExtractIconListA
DllRegisterServer
DAD_ShowDragImage
CheckEscapesA
IsLFNDrive
OpenRegStream
Options_RunDLLW

wsock32

WSAAsyncGetProtoByNumber
__WSAFDIsSet
s_perror
listen
TransmitFile
AcceptEx
shutdown
recvfrom
GetTypeByNameA

user32

CheckDlgButton
CreateDialogParamA
AnyPopup

Sections

��t
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE