2a841713b86d818e0f74bef6d3fe3bb7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a841713b86d818e0f74bef6d3fe3bb7_JaffaCakes118
Size

16KB
MD5

2a841713b86d818e0f74bef6d3fe3bb7
SHA1

b9cb5b94ed14e5bc66fe79f8f7e644e30d5bcc2e
SHA256

ad8295fc80d1e3c1ad0d2bb45de1232ccdba1137a35e2633452ab912d141081f
SHA512

b5d6b5d507a1b4e57b0326ca08c0786813ec3d07d7fda6867901a4165b149eaec3e959cc8e9a950018a2c4b49a0c2e2e77cbd4b4ac6ddebf16b9c94484b939eb
SSDEEP

384:s8pA7j5QG8cE36UX3Lfo1lzerlCs/RxkgGLNbavRrMWc0RGy5wGp:s8uPV8p6UHLfo1lSCaktLAQWcPy5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a841713b86d818e0f74bef6d3fe3bb7_JaffaCakes118

Files

2a841713b86d818e0f74bef6d3fe3bb7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

64f497dcf000996fac033515598fac71

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

sprintf
_except_handler3
rand
_adjust_fdiv
__getmainargs
free
_controlfp
__p___argv
_strnicmp
_stricmp
__set_app_type
memset
_strupr
__p__fmode
_ltoa
atoi
strcpy
__p___argc
__setusermatherr
_XcptFilter
strlen
??2@YAPAXI@Z
exit
__p__commode
sscanf
strstr
_exit
_initterm
_acmdln
strcat

kernel32

GetDriveTypeA
GetLastError
CloseHandle
DeleteFileA
FindClose
TerminateProcess
SetFilePointer
CreateFileA
FindFirstFileA
GetStartupInfoA
GetLogicalDrives
PeekNamedPipe
ReadFile
WriteFile
CreatePipe
GetEnvironmentVariableA
GetFileSize
GetTickCount
GetModuleHandleA
GetCurrentDirectoryA
LoadLibraryA
GetProcAddress
CopyFileA
Sleep
CreateProcessA

ws2_32

gethostname
send
select
inet_addr
gethostbyname
recv
setsockopt
socket
htons
bind
connect
closesocket
WSASetLastError
WSAStartup
WSACleanup
__WSAFDIsSet

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE