08b2f6a0cd75cb15b8c6187a9a583997_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

08b2f6a0cd75cb15b8c6187a9a583997_JaffaCakes118
Size

28KB
MD5

08b2f6a0cd75cb15b8c6187a9a583997
SHA1

53aa64fe3c6ad71811fbd4f83dbae0e1e9f3ef88
SHA256

f6fc2827e81c43dc721474fb9c346f2a0bdb1a2d7c337591f336ee2be84b796a
SHA512

05c1f87f1d0f0b5420fba810f4eb4f558a27bfd9918ba7b9bc50aadf4830acbfa4739fcd7b93b9c75bdbc53c3c0b7c92b5822a4cff2f4d21ded155f6516b8099
SSDEEP

384:s2bpsT83SXjGtPQ1kzDXquj5mlw/HcEybQ/ruAWoKvx96:sF83iGtPQwDXquj/HtjuVoKvx9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08b2f6a0cd75cb15b8c6187a9a583997_JaffaCakes118

Files

08b2f6a0cd75cb15b8c6187a9a583997_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e1560579bc3d2d381308bfead5cdce83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
inet_addr
WSAGetLastError
htons
send
socket
WSAConnect
WSACleanup
recv
closesocket

kernel32

GetStartupInfoA
HeapDestroy
CloseHandle
SetStdHandle
GetStringTypeA
LCMapStringW
GetStringTypeW
MultiByteToWideChar
SetFilePointer
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetACP
GetCPInfo
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetLastError
FlushFileBuffers
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE