304336ee5bcec56aea2387f803f5fbbb_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

304336ee5bcec56aea2387f803f5fbbb_JaffaCakes118
Size

33KB
MD5

304336ee5bcec56aea2387f803f5fbbb
SHA1

706285b98eb459729f9a1126fc796e8d6f3988a9
SHA256

581876554253087a3d6e1f4915b08537732329d641e1dba29aba3eb830c34e8a
SHA512

bab52b7c01c1f74f748b93a9f5089794304b7a425f897a98050c84ed0d4a1f0eb7797b8955cc44737045b2377d19c71b369cb283d22a099c70841314d839952d
SSDEEP

768:G4Nm9SuZ+7Zb9EjOZeZyJcNgNw7mL+v8pI4iEyHPbqH/PLNfNUEIL0MO:G4Nm9SK+HsOc6qaav1RTqH/TAEaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
304336ee5bcec56aea2387f803f5fbbb_JaffaCakes118

Files

304336ee5bcec56aea2387f803f5fbbb_JaffaCakes118
.exe windows:1 windows x86 arch:x86

03ad0e7466f932be0eac8a21bacd8511

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetCancelConnectionA
WNetAddConnection2A

wininet

InternetCheckConnectionA

kernel32

ExitProcess
GetCommandLineA
GetDriveTypeA
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
GetTickCount
CopyFileA
RtlUnwind
Sleep
CreateMutexA
CreateThread

user32

MessageBoxA

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA

crtdll

_iob
_itoa
__GetMainArgs
_strnicmp
abort
exit
fclose
fopen
fputc
fwrite
localeconv
memcpy
memmove
memset
pow
raise
rand
signal
srand
strcat
strchr
strncmp
strtol
wcslen
wctomb

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE