Static task: static1
Behavioral task: behavioral1
Sample: 5abaadef554bfc0494a178f7b6c7037e_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 5abaadef554bfc0494a178f7b6c7037e_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5abaadef554bfc0494a178f7b6c7037e_JaffaCakes118
Size: 48KB
MD5: 5abaadef554bfc0494a178f7b6c7037e
SHA1: 67fd6317576b00b82b99740bbc1ad6c32ca5826e
SHA256: e56d2fcb1a2b1a60ed4ba4bcebac92492dffb44bb0408aa53748710a6ae35b93
SHA512: 0053cf3ea142cca7416e989b0730c3d042e74fd14da742f96dfb2d11c15f00d2f3764b0acfe55ad94f20cf5d14938eabc2a72e9a913d68638f2cacf7be1ee271
SSDEEP: 384:NpUuL5jAHow/UpPV4+A8EsPufr0QZLPuDoTPbufyyu57hOcTms4TpUuL5jAHXVcS:XVMj0PNARLPS4yQOPfRVM3VcDM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5abaadef554bfc0494a178f7b6c7037e_JaffaCakes118
Files
5abaadef554bfc0494a178f7b6c7037e_JaffaCakes118.exe windows:4 windows x86 arch:x86
b5e76f2b1037fb78646b1fd955cb452f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegCloseKey
kernel32
CloseHandle
CopyFileA
CreateFileA
CreatePipe
CreateProcessA
CreateThread
DeleteFileA
ExitProcess
ExitThread
GetCurrentThread
GetExitCodeProcess
GetFileSize
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemDirectoryA
GetSystemTime
GetTickCount
GetVersionExA
PeekNamedPipe
ReadFile
RtlZeroMemory
SetCurrentDirectoryA
Sleep
TerminateProcess
TerminateThread
WinExec
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA
lstrlenA
user32
wsprintfA
urlmon
URLDownloadToFileA
wsock32
htonl
socket
WSACleanup
WSAGetLastError
WSAStartup
accept
bind
closesocket
connect
gethostbyname
gethostname
htons
ioctlsocket
inet_addr
inet_ntoa
listen
ntohl
recv
send
Sections
Size: 44KB - Virtual size: 44KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE