4d931432241c0ddb1571b56cfb973c0f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d931432241c0ddb1571b56cfb973c0f_JaffaCakes118
Size

22KB
MD5

4d931432241c0ddb1571b56cfb973c0f
SHA1

a9375b8208a82a6830f8b37d4b14ed2527a05298
SHA256

87755cb1697fd36d340fed0eb3f788fce0143645daae1e6533659925a1306396
SHA512

73017bbefdb51fd6184e9f1d250caeee3a2aaf1d264eba594c70ed4ef7b905b2b5b4d9bf23df4a0cbf029e2f293e16d1dc38ab28b8130d51677822e41f6e6169
SSDEEP

384:NiydPE1ajURrCgjmhMfy72wUVA1GfjJqcAh2EEYuHAMM4TY0sN7NupgTKpBEzs4i:NiydPE1ajURmgjmhMfyDUuuIEYqDPTL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d931432241c0ddb1571b56cfb973c0f_JaffaCakes118

Files

4d931432241c0ddb1571b56cfb973c0f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fdbf5974aa0daebdfb4be2549b4931e4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
Sleep
GetProcAddress
CreatePipe
ReadFile
SetFilePointer
GetFileSize
CloseHandle
GetTempPathA
CopyFileA
GetShortPathNameA
GetEnvironmentVariableA
GetLastError
GetModuleFileNameA
lstrlenA
GetVersionExA
GetVolumeInformationA
GetComputerNameA
LoadLibraryA
GetCurrentThread
GetCurrentProcess
lstrcatA
lstrcpyA

user32

wsprintfA

shell32

ShellExecuteExA
SHGetSpecialFolderPathA
SHChangeNotify

ws2_32

WSACleanup
WSAStartup
gethostbyname
inet_ntoa

shlwapi

PathFileExistsA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
strlen
strstr
strcat
strcpy
memcpy
fclose
fwrite
fopen
strcmp
memset
strrchr
fread
sprintf
realloc
malloc
_exit
_XcptFilter
exit

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ