29ebeba53b4d56dbe356488538757495_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29ebeba53b4d56dbe356488538757495_JaffaCakes118
Size

16KB
MD5

29ebeba53b4d56dbe356488538757495
SHA1

da2e3e3e0a8cc65abccb5e3c02f6a7f8d24c0072
SHA256

aea98231315b07aff94316fea90fe71a35bb812898c6fb138ad8676f4d40d9b5
SHA512

bae8a3bae40c1b62463e72951fb40b362a1bcd364f7286672f63b949011778d712e34fc5e8ae0ec880d56585da07cad3f7014ac0d2ba390d352e295865b085e8
SSDEEP

192:35OqXFGIsXjYWW+a8OanlM4N96oxFsiljQcivyCGDeBVU8d+xThDQwcVNzS8fsWF:JOqVoy6D/tJxnDerU8sxTZQ9VNNfsW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29ebeba53b4d56dbe356488538757495_JaffaCakes118

Files

29ebeba53b4d56dbe356488538757495_JaffaCakes118
.exe windows:1 windows x86 arch:x86

4d30e2dc544db79b6e34c5744639563a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

ZonesReInit
DllCanUnloadNow
IsAsyncMoniker
Extract
CreateAsyncBindCtx
IsValidURL
URLDownloadW

wsock32

accept
bind
htons
sethostname
WSAStartup
htonl
SetServiceA
gethostbyaddr
listen

Sections

��t
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE