2822ffc5989933709ed8ea85ad9adedf_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2822ffc5989933709ed8ea85ad9adedf_JaffaCakes118
Size

92KB
MD5

2822ffc5989933709ed8ea85ad9adedf
SHA1

cca5f70f11016491832593c9e2bd6c2c9f742a57
SHA256

a4b6637d190f8a1d2cf2a4740c0ca7d33424cfe85d5408315c88531de84a28f5
SHA512

239b60dae1b8febd422f1428f58e785c2dbb9781d7bfb55798549a27fef6bd25e67a089469a5410272a5610d68a978f4a8edf8509b80eeeb056ed1f9fb2f6a39
SSDEEP

1536:3YUERQJA+nw0+hH6uduUJK+gxZxfJAlDCS2c2eLMJlI:3Y3RPqKd6xUJ8xZxBAJC9eLM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2822ffc5989933709ed8ea85ad9adedf_JaffaCakes118

Files

2822ffc5989933709ed8ea85ad9adedf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0fd369fd9466ad47bf1d587ba65bec9d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
MoveFileExA
Sleep
CloseHandle
CreateFileA
GetLastError
SizeofResource
lstrlenA
lstrcatA
lstrcpyA
GetProcAddress
LoadLibraryA
LockResource
OpenFile
WriteFile
FreeResource
GetFileTime
GetSystemDirectoryA
SetFileTime
ExitProcess

advapi32

RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA
RegFlushKey
RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAIoctl
inet_ntoa
closesocket
socket
WSAStartup

msvcrt

malloc
strncmp
strrchr
time
srand
strcpy
memcpy
strncat
strlen
memset
_itoa
rand
atoi
strcat

Sections

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ