34940f21e291647e9a6482c83e3ef599_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

34940f21e291647e9a6482c83e3ef599_JaffaCakes118
Size

5KB
MD5

34940f21e291647e9a6482c83e3ef599
SHA1

ba17a8072164a9c79261eba68393b018bb9a59e2
SHA256

6d6aba16ffb261682f3a4506d3c3e711ff985f709d6fc2b9c307c798994a7389
SHA512

d0688e7bfd2cb4d916d7320cce67f63bf51400d7451c37905b0b0dd80538673d7e2fb16e996afc44a29c44db0a521df393b25d9eb1e55623f2121d0fbc5a8028
SSDEEP

96:QkkE5j59eglPAE9PoZzxwBJVlW53miF9hS/xFX1u9Ew9XCgPP4oyQbD:NkEFqkPFATMlyf4/vIT9XCsP4oy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
34940f21e291647e9a6482c83e3ef599_JaffaCakes118

Files

34940f21e291647e9a6482c83e3ef599_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ebd19d01ee83270308c739aac4ea4f54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
Sleep
CreateThread

msvcrt

malloc
free
_exit
_XcptFilter
exit
__p___initenv
_except_handler3
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
sprintf
__getmainargs

mpr

WNetAddConnection2A

rpcrt4

RpcBindingFree
RpcStringFreeA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrFreeBuffer
NdrNsSendReceive
NdrNsGetBuffer
NdrClientInitializeNew
NdrConformantArrayUnmarshall
NdrConvert
NdrConformantStringMarshall
NdrPointerMarshall
NdrConformantStringBufferSize
NdrPointerBufferSize
RpcRaiseException

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE