456dbf6f75aec8cf84e7d6f85267c611_JaffaCakes118 | Triage

Sharing

General

Target

456dbf6f75aec8cf84e7d6f85267c611_JaffaCakes118
Size

24KB
MD5

456dbf6f75aec8cf84e7d6f85267c611
SHA1

eaa1af932ed27ada579619fcfcfd45d61599f48b
SHA256

6e291d65901090f0fb8e0d8750c9b9cac34b6194f7dbafc5cfc94cd5d2a5f8b1
SHA512

6d4488eef4a0969e55c1f395816cf8e6d4f8da5548fa32a5708de8a2b6eda3da3d6630d7d5c5883e74bc81321ff6a20f94730a5d6b71752164ed4d15e4526e96
SSDEEP

384:KM5RdQl+oGUNAwav2VIV5gvsn4De4PPvHHPx+Ady4Nt1Y:KgQl+oGUNAP2uvd/GngAdy4HC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sof2guidboom.exe

Files

456dbf6f75aec8cf84e7d6f85267c611_JaffaCakes118
.zip
q3huff.h
sof2guidboom.c
sof2guidboom.exe
.exe windows:4 windows x86 arch:x86

4db0bb9c34cf7198656c3548777045d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetModuleHandleA
GetProcAddress
InitializeCriticalSection
InterlockedExchange
LeaveCriticalSection
SetUnhandledExceptionFilter
Sleep

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
atexit
atoi
exit
fprintf
fwrite
malloc
memcpy
memset
printf
puts
setbuf
signal
strchr
strerror
strlen
strncpy
time
toupper

ws2_32

WSAGetLastError
WSAStartup
closesocket
gethostbyname
htons
inet_addr
inet_ntoa
recvfrom
select
sendto
socket

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
winerr.h