35e1b8441bf65fb7d0ad5eccab170032_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

35e1b8441bf65fb7d0ad5eccab170032_JaffaCakes118
Size

104KB
MD5

35e1b8441bf65fb7d0ad5eccab170032
SHA1

46a40601a9a90e6729c18140b7a473304d28be74
SHA256

98a387d878b86bbad9f794db940d232ff4e75044304264f7506f57fcdfd6e93b
SHA512

ce32a09158dc2c7baddec84d16cf98465f6275c4513f4b8cd509587cdc88901524d21612f174bc36941224f90b0a6b0b0fda8a9e01664c0df1cbbb8db0bd4320
SSDEEP

768:ovx41kS8uGTppZuk4u4BRwEY0G/XFzAQy2m5iBlfjlI:ok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35e1b8441bf65fb7d0ad5eccab170032_JaffaCakes118

Files

35e1b8441bf65fb7d0ad5eccab170032_JaffaCakes118
.exe windows:4 windows x86 arch:x86

768a1d97e127eda949c3a6ba5b36a197

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
ExitProcess
Sleep
CreateThread

mpr

WNetAddConnection2A

rpcrt4

RpcRaiseException
NdrPointerBufferSize
NdrConformantStringBufferSize
NdrPointerMarshall
NdrConformantStringMarshall
NdrConvert
NdrConformantArrayUnmarshall
NdrClientInitializeNew
NdrNsGetBuffer
NdrNsSendReceive
NdrFreeBuffer
RpcStringBindingComposeA
RpcBindingFromStringBindingA
RpcStringFreeA
RpcBindingFree

msvcrt

__dllonexit
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
free
malloc
memset
printf
strlen
sprintf
strcpy
_except_handler3
_chkesp
memcpy
memcmp
_onexit

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ