16fa5b1d2601ae5ba2d2b236c1b3d3ad_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16fa5b1d2601ae5ba2d2b236c1b3d3ad_JaffaCakes118
Size

92KB
MD5

16fa5b1d2601ae5ba2d2b236c1b3d3ad
SHA1

0c6c9f835a468ce5c2e322bf65eaec1f4f81a112
SHA256

89e75b21586a5ef3dbfaf5a5edcca04b5d7e3af5efb0db6df7e6acae6862da23
SHA512

3f486436371bf9a116e0c297222a3828473a5e36f72a713c1b82616d2098ea0659f26ffc1b37e47f7d795ebcdf9353fdda4ab5bdcb7b52a8e1c6b86502c06ee7
SSDEEP

1536:K1RjUsx/KX5KA0dlJHHoOebMB1jCIpKeKerUmDpJ9vV1mtVsT57nC67PO:QRV/KXEjdTHHFe41jjpQe1pWI5nCkO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16fa5b1d2601ae5ba2d2b236c1b3d3ad_JaffaCakes118

Files

16fa5b1d2601ae5ba2d2b236c1b3d3ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12c32bb28e504fa418fc8085051df736

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

printf
memcpy
_snprintf
sprintf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
strlen
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
malloc
srand
rand
free
_snwprintf
memset
wcscpy
strcpy
atol
strstr
strcat
atoi
strcmp
fopen
_initterm
fclose

kernel32

SetErrorMode
DeleteFileW
GetModuleFileNameW
GetCommandLineW
GetTickCount
MultiByteToWideChar
CreateFileW
WriteFile
CloseHandle
GetLastError
SetLastError
GetModuleHandleA
GetProcAddress
Sleep
GetStartupInfoA

ws2_32

socket
closesocket
send

user32

MessageBoxA
IsZoomed
FindWindowA
GetClassNameA

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ