4bd1b47af03299e6f2810bf92cfcf394_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bd1b47af03299e6f2810bf92cfcf394_JaffaCakes118
Size

14KB
MD5

4bd1b47af03299e6f2810bf92cfcf394
SHA1

1fd002bf713708fa0cfa09e53dc5fcc28ee4b722
SHA256

c90866bd84b4d8abbcae7c1114e80471f5223c233ffa5e744d84cb86e3ffbb4f
SHA512

be3c010c447e3cd966ab751fc58b06ca7c6eea9104194e7fa5534c9b8584300358c2ba95e24cc5ab1af398c340190fe5b7cf308481b52983cbf693e135654d7c
SSDEEP

384:jhp1A+/3ESAJqalwcYR6o+oSovo0oOmoyowo4UEu3uGN:jhQ+87oalIR6o+oSovo0oOmoyowo4U9V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bd1b47af03299e6f2810bf92cfcf394_JaffaCakes118

Files

4bd1b47af03299e6f2810bf92cfcf394_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d5f393b2540e8e9c0dca45ec4520f40a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
ReadFile
WaitForSingleObject
PeekNamedPipe
SetEvent
TerminateProcess
GetLastError
CreateEventA
CreateProcessA
GetStartupInfoA
CreatePipe
GetComputerNameA
TerminateThread
CreateFileA
GetFileSize
SetEndOfFile
SetFilePointer
WriteFile
WaitForMultipleObjects
CloseHandle

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyA
RegCloseKey
RegCreateKeyExA

ws2_32

WSAStartup
inet_addr
htons
socket
connect
send
setsockopt
recv
closesocket
WSAGetLastError

msvcrt

_strnicmp
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
??3@YAXPAX@Z
strncpy
atoi
strstr
sprintf
__CxxFrameHandler
_CxxThrowException
strchr
_beginthreadex

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 938B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ