2a3b1e7e53b51ff98efcf72594de902f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a3b1e7e53b51ff98efcf72594de902f_JaffaCakes118
Size

93KB
MD5

2a3b1e7e53b51ff98efcf72594de902f
SHA1

838eb700305a114b2f4a9d79f368c6c4356c0ced
SHA256

694b8a814c1424ca0aa6da695640a0f00c42a5967b631948d78957c707b3acc2
SHA512

c91c8ceb9e161813a725044ea8cc0fe8bd9a3621e03e963f14efe7be8314394bfa14c5f38aabbb47e38d4f5d618155779f5027b56822337ddf76a22ee9de531f
SSDEEP

1536:jJsvIyHY7W10+ws0ft4825PqGvergBxfiUV+BPWnXG6PrXfnZL9HuDibrPCcWCf:lSMW1dG2PqKeEBsUV+R+XGCfZhuWPPZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a3b1e7e53b51ff98efcf72594de902f_JaffaCakes118

Files

2a3b1e7e53b51ff98efcf72594de902f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7863b81d1edd538dc044b09c38dfe407

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_snwprintf
rand
srand
printf
_exit
_XcptFilter
exit
_acmdln
__getmainargs
free
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
memset
sprintf
malloc
_snprintf
memcpy
strlen
strcat
wcscpy
strcpy
atol
atoi
strcmp
fopen
fclose
_initterm
strstr

kernel32

SetErrorMode
DeleteFileW
GetModuleFileNameW
GetCommandLineW
GetTickCount
MultiByteToWideChar
CreateFileW
WriteFile
CloseHandle
SetLastError
Sleep
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA

ws2_32

send
socket
closesocket

user32

MessageBoxA
FindWindowA
IsZoomed
GetClassNameA

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE