46083743bf89fef7d2e80c624467b888_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

46083743bf89fef7d2e80c624467b888_JaffaCakes118
Size

38KB
MD5

46083743bf89fef7d2e80c624467b888
SHA1

d4689ce803273cb1b66051b687157a7d6fd6ce0f
SHA256

62f9ae2af97c237719106eee1db7c2fbf8ffdf75f1fd7e9783328b49cacb533f
SHA512

258e98718d104a8d1b20ebabd95be8c8d7757639c52b89b483d4714c5aa408c4ea6dd65d85a150fdcc42a224fec28566ebcd257c99ddc8ad8afb5d41b0e3eb88
SSDEEP

768:uBIVtoK8NisADVe61rguZXN8/vM7bkrefb9TqsDYbQ5TM1feJNTs:+K8FAD8GXN+I7fJ+aCl1feE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46083743bf89fef7d2e80c624467b888_JaffaCakes118

Files

46083743bf89fef7d2e80c624467b888_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8b45da0f3d38129984f48444acbb45e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
LoadLibraryA
GetProcAddress
GetModuleHandleA
DeviceIoControl

netapi32

NetUserAdd
NetLocalGroupAddMembers

ws2_32

connect
htons
WSAStartup
socket
inet_addr

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
printf
rand
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm

Sections

.data
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE