08514ca6ea5c95674642c911101cae7f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08514ca6ea5c95674642c911101cae7f_JaffaCakes118
Size

92KB
MD5

08514ca6ea5c95674642c911101cae7f
SHA1

01c0221f1288770accdc2a14eb9365e0e73b3464
SHA256

737a27718d1f6b6618e4ae3659ef1702b734135e52d75264fe8e5b3789d8677d
SHA512

0d85ccfb82d09a737de2723be1133ac7d62cfb84567fe04bb2919d9a00643f939af8461101d6127a89abdb7846ddd4c92b9400c8441531e5f00f1d685a33d443
SSDEEP

1536:xxeSrRbmGtCeQ27vp3XgwnmcmP4FtcpHyj7awl+:xVrRi01Q2T7pmQFtcpHyO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08514ca6ea5c95674642c911101cae7f_JaffaCakes118

Files

08514ca6ea5c95674642c911101cae7f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f4eb5378aa18f7c1137c30a86ef78e30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
MoveFileExA
Sleep
CloseHandle
CreateFileA
SizeofResource
ExitProcess
lstrlenA
GetProcAddress
LoadLibraryA
LockResource
OpenFile
WriteFile
FreeResource
GetFileTime
SetFileTime
GetSystemDirectoryA
GetLastError

advapi32

RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAIoctl
inet_ntoa
closesocket
socket
WSAStartup

msvcrt

malloc
strncmp
strrchr
time
srand
strcpy
memcpy
strncat
strlen
memset
_itoa
rand
atoi
strcat

Sections

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ