388b7cb1743915e630f8a0bfc934d31b_JaffaCakes118 | Triage

Sharing

General

Target

388b7cb1743915e630f8a0bfc934d31b_JaffaCakes118
Size

7KB
MD5

388b7cb1743915e630f8a0bfc934d31b
SHA1

72ee1c60526ef76e236000b4c7307a32658e99ab
SHA256

da602e49ffd6555e354f8c086335d7357607393f80525927fbb5f87ba3fd675c
SHA512

f1c23baec5c68fd2ebaff227c2f8897b66fcbf87790c53dbd96e7671966a80b0ffd9bcf37d55a467054d5ba93570195cdbb693a7da7ae1fc93ce6304bc4a713a
SSDEEP

48:6YZTG3CVVUy5O4FiNeEP2iggYBw3FqnVdl2b5uBTiVxca2BYwyCD6nLYTEzu66SF:TGkFiNei20Uw3b5mT8Ciw+Gqu66SYy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
388b7cb1743915e630f8a0bfc934d31b_JaffaCakes118

Files

388b7cb1743915e630f8a0bfc934d31b_JaffaCakes118
.exe windows:1 windows x86 arch:x86

1eb48b8c7d8a7c0f1209f695d75bd886

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htons
inet_addr
recv
send
setsockopt
socket
gethostbyname
closesocket
WSAStartup
WSACleanup
connect

kernel32

RtlUnwind
Sleep

crtdll

__GetMainArgs
atoi
exit
memcpy
memset
printf
raise
signal

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 748B - Virtual size: 748B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE