3aba54fcc8d406263939bc376db80ccd_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3aba54fcc8d406263939bc376db80ccd_JaffaCakes118
Size

64KB
MD5

3aba54fcc8d406263939bc376db80ccd
SHA1

1101aa744707e4d50b46eb5f24a3c1721f0946b0
SHA256

0bb10c28d378fcc82d106253397c168f222b245888ed355609c7ce34a09170f5
SHA512

850185879cf68e05610d612e757a2c33e5b0d2b7f23432f7da4b9dfe874d0f15b20f8b6a57834a263e99d78809e63bdf1c15c2b0b8815b52fbeddab9f308b16e
SSDEEP

768:oXRTs6OrPNwOb38Uww8RPrcVkSBECcYqqbjBo2Q8NjW1z7SDae:oBs6O7ww8hIVkHnSo8ae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3aba54fcc8d406263939bc376db80ccd_JaffaCakes118

Files

3aba54fcc8d406263939bc376db80ccd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4835bac91286c4451af7954475c665f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

htons
send
recv
closesocket
socket
connect
WSAStartup
WSACleanup

kernel32

SetFilePointer
HeapReAlloc
CompareStringA
LCMapStringW
LCMapStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
SetEnvironmentVariableA
GetOEMCP
GetACP
CompareStringW
HeapAlloc
HeapFree
GetLastError
DeleteFileA
WideCharToMultiByte
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetStringTypeA
CloseHandle
WriteFile
ReadFile
UnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TerminateProcess
GetCurrentProcess
MultiByteToWideChar
GetEnvironmentStrings
GetStringTypeW
GetEnvironmentStringsW
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
CreateFileA
RtlUnwind
SetStdHandle
FlushFileBuffers
GetCPInfo

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE