0b39d06bd1ad7e471cf3b40d7a2e420b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b39d06bd1ad7e471cf3b40d7a2e420b_JaffaCakes118
Size

24KB
MD5

0b39d06bd1ad7e471cf3b40d7a2e420b
SHA1

c603fe19f42285896e11dff692a7dad1b8faf67f
SHA256

f179d1c18a42304ad4e04243d169188d7c61ee07715006dbd368cc9b306be5c2
SHA512

999e5d0e9d9f88bf2f4ecf4fb3d1fade0dc23917ed518fa1a6dc510326d0c9c2fdf93f96bfdf2996d5e0048193d149df87544469c30b79d7752542463ccfb171
SSDEEP

384:deXLa8bkNjc8ebnOD7woU4e6Z1+GJLsuZswDNCz/vM75qa0:diJcCADVe61rguZXN8/vM7C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b39d06bd1ad7e471cf3b40d7a2e420b_JaffaCakes118

Files

0b39d06bd1ad7e471cf3b40d7a2e420b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d32cb9e6081f930e60ddf5ffb3323e51

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetDlgItemTextA
GetDlgItemTextA
EndDialog
DialogBoxParamA
wsprintfA
SetTimer

kernel32

lstrlenA
lstrcatA
RtlZeroMemory
GetPrivateProfileStringA
GetModuleHandleA
GetCurrentDirectoryA
ExitProcess

wsock32

WSAAsyncSelect
WSAGetLastError
WSAStartup
connect
htons
inet_addr
ioctlsocket
recv
send
socket

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ