4727c9f432cfa51fde3adc8747c08bdc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4727c9f432cfa51fde3adc8747c08bdc_JaffaCakes118
Size

7KB
MD5

4727c9f432cfa51fde3adc8747c08bdc
SHA1

aee4d74fb8022951b0cf00393713186fe425de6a
SHA256

2179396adaab164a71c7f06e1b8dcf3635281c2ccc6e79fc04a2377eb536495a
SHA512

dcc0c20004baa465284501999417430e59107525da2bf7383f12262862b7b6e851c06b4bc53c19e64c449498e61f65143708440a4ef24137da8386c08b336fa7
SSDEEP

96:DKdacHLXfqBQPfYZRIr7Rm1xMPSOQNCjbpAO1s5sq9XQM0Gi9XGv0AC:W0ISBMfYHiPSjUBE+EXQMFixGvJC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4727c9f432cfa51fde3adc8747c08bdc_JaffaCakes118

Files

4727c9f432cfa51fde3adc8747c08bdc_JaffaCakes118
.exe windows:1 windows x86 arch:x86

dd4f61b557f230acfd0cdad6ced24b82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA

user32

CreateWindowExA
DefWindowProcA
DestroyWindow
DispatchMessageA
EnumChildWindows
FindWindowA
GetMessageA
KillTimer
PostQuitMessage
RegisterClassA
RegisterClassExA
SendMessageA
SetTimer
ShowWindow
TranslateMessage

rasapi32

RasEnumEntriesA
RasGetEntryDialParamsA

wsock32

closesocket
send
recv
connect
ioctlsocket
htons
socket
inet_addr
gethostbyname
gethostname
WSACleanup
WSAStartup

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateThread
ExitProcess
GetCommandLineA
GetComputerNameA
GetFileSize
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GlobalAlloc
GlobalFree
ReadFile
SetFilePointer
WriteFile

Sections

AUTO
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 512B - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE