3a2db01dfbd46e91803732d29dc5b0a9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a2db01dfbd46e91803732d29dc5b0a9_JaffaCakes118
Size

4KB
MD5

3a2db01dfbd46e91803732d29dc5b0a9
SHA1

6e0f9de7280a2a8430da2febb184ad5dfc4f0ed3
SHA256

24f9c72cf89712d705a8d658355db382b7cfa59a04b2a76825f776b371c2f03d
SHA512

36cf4b7cc0e5c04b48d68da2025fdc5f11430ff19a08bc55c507d9d08ae3e80f863af3e756ddcf1df06ff6764695315b9b9d0d7afa3dc071e6f16808620bf7b6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a2db01dfbd46e91803732d29dc5b0a9_JaffaCakes118

Files

3a2db01dfbd46e91803732d29dc5b0a9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6d05d5755c07c49c61c54932a57b77ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

connect
accept
WSAStartup
recv
bind
socket
closesocket
send
listen

ntdll

NtClose

kernel32

WinExec
LocalAlloc
WriteFile
CreateRemoteThread
SleepEx
SetPriorityClass
CreateFileA
DeleteFileA
LocalFree

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 906B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ