Static task: static1
Behavioral task: behavioral1
Sample: 2963ad43c2c3226ecbe2f39a61147788_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2963ad43c2c3226ecbe2f39a61147788_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2963ad43c2c3226ecbe2f39a61147788_JaffaCakes118
Size: 5KB
MD5: 2963ad43c2c3226ecbe2f39a61147788
SHA1: 29f4a4390109fd2ed748d95d612a45baad462250
SHA256: 43995797f0fef7a06892646ddd738679af37511dfd433f74299ba7c62c1a8117
SHA512: 9c33048cdc957425b2f7347721c5e57a3df7eaacd130f8bb40332117db6b980ad303236de8273755c483dc2f877a6bc15b56728aee1a9990d1fb5af1372a251f
SSDEEP: 96:oWIJHmKc/Um1EVPFvXD/p4mwOQIsqqDTQIsqTmpAEmme5FUxD:TIRmKCUmA9fD/+xDitSZ/z2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2963ad43c2c3226ecbe2f39a61147788_JaffaCakes118
Files
2963ad43c2c3226ecbe2f39a61147788_JaffaCakes118.exe windows:4 windows x86 arch:x86
1cde0bde6a544b3d66411ce52d8c783d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
CreateThread
ExitProcess
ExitThread
GetFileAttributesA
GetFileSize
GetModuleHandleA
GetProcessHeap
HeapAlloc
HeapFree
SetCurrentDirectoryA
lstrcpyA
lstrlenA
CloseHandle
user32
DispatchMessageA
GetMessageA
LoadCursorA
DefWindowProcA
CreateWindowExA
MessageBoxA
RegisterClassExA
SetWindowPos
ShowWindow
TranslateMessage
UpdateWindow
wsprintfA
PostQuitMessage
mswsock
TransmitFile
ws2_32
htons
WSACleanup
WSAStartup
accept
bind
closesocket
WSAAsyncSelect
listen
recv
send
shutdown
socket
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 960B - Virtual size: 950B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE