3c82bdf562e62724b9e7b032ebb560d1_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3c82bdf562e62724b9e7b032ebb560d1_JaffaCakes118
Size

18KB
MD5

3c82bdf562e62724b9e7b032ebb560d1
SHA1

d3f7e95c9e6a3ef1372af393cb3a60cac72b3447
SHA256

a0d55e479967ea85aaec60141fbcf04f116579c01ac11acc490653f20360bbdb
SHA512

cb511e8d6988cf600613973484ac69efd7b83511b2b7856c3cce600d6391bb97d3914f3d1b9d0457f47706a621d9418801e1f052fa4e7d072863fc03b9284922
SSDEEP

384:a27KBHVQaeQCmAJMSnkrN3/Bwog98RRHZLDrJ3vv:a2eBHiTmk54xyolr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c82bdf562e62724b9e7b032ebb560d1_JaffaCakes118

Files

3c82bdf562e62724b9e7b032ebb560d1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97ebf9932c42f272c4a3a351d08a37ec

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htons
setsockopt
inet_addr
connect
recv
socket
closesocket
gethostbyname
send
WSAStartup

kernel32

ReleaseSemaphore
ExitProcess
GetThreadContext
CreateFileA
SetThreadContext
FreeLibrary
SetUnhandledExceptionFilter
QueryPerformanceCounter
VirtualFree
WriteFile
Sleep
CreateProcessA
TerminateProcess
GetEnvironmentVariableA
IsBadStringPtrA
GetLastError
lstrcmpiA
GetProcAddress
VirtualAlloc
CopyFileA
VirtualAllocEx
GetTempFileNameA
LoadLibraryA
GetModuleFileNameA
CreateMutexA
ReleaseMutex
CloseHandle
WriteProcessMemory
ResumeThread
CreateThread
WaitForSingleObject

user32

wsprintfA

advapi32

RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 506B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ