15693afbcdeb63c41bbbf3cd84ce3759_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15693afbcdeb63c41bbbf3cd84ce3759_JaffaCakes118
Size

8KB
MD5

15693afbcdeb63c41bbbf3cd84ce3759
SHA1

f78f190a581b11059dd1e4a419c5667ba1eeb667
SHA256

f321742da18887c37f3ae0b3d3072989571dc7d1424a7b70dfedb6d47653bed3
SHA512

8aa6c3b9cedc209e4fb7f381d06f73721ba2ff415e993f799efea6267839ddea4f085c0b3cb7590c01187fbf3289946f8331c7c4d80fc38b23eb277d36eb6d24
SSDEEP

192:NOhNyuJsDtn0TKIseXrrM+H8bhAZcJvK:NMNdsG/seMWI4cRK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15693afbcdeb63c41bbbf3cd84ce3759_JaffaCakes118

Files

15693afbcdeb63c41bbbf3cd84ce3759_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fe2c4767821c4f42b735e803341d917c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
CreateFileMappingA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetDriveTypeA
GetFileSize
GetLogicalDrives
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileIntA
GetProcessHeap
GetTempFileNameA
GetTempPathA
GetTickCount
HeapAlloc
HeapFree
MapViewOfFile
ReadFile
RemoveDirectoryA
SetFileAttributesA
SetFilePointer
Sleep
UnmapViewOfFile
VirtualAlloc
VirtualFree
WinExec
WriteFile
WritePrivateProfileStringA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

wsprintfA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

ws2_32

closesocket
recv
shutdown
gethostbyname
inet_addr
connect
setsockopt
socket
WSACleanup
WSAStartup

mswsock

TransmitFile

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE