5c41c4a07d21f3db82646d70d8bb25e4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c41c4a07d21f3db82646d70d8bb25e4_JaffaCakes118
Size

32KB
MD5

5c41c4a07d21f3db82646d70d8bb25e4
SHA1

3707b3db2067421e12c66b25949e32deb129a14e
SHA256

75c831c906d8ab05721a95a90e0c2cb93d93ce40d8399a82c9636c7e7ab28139
SHA512

a184d9e914f318ad809433ad34c975b37dc86e2cc3b9ef193b24652c33dc4b554fd17f60d7520dcae37543784530e64b0b502a6af6cd1ea7b81410d0d61c9d07
SSDEEP

768:cPDTqnJc0PH8qTKBGL8x7xsKKBt/Uj/64gXDMLEM9:0DTyJc0PH8qTK8Lys5cZgXDY9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c41c4a07d21f3db82646d70d8bb25e4_JaffaCakes118

Files

5c41c4a07d21f3db82646d70d8bb25e4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

f43d3e486a2bceb96bc1ed40631eb01f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

Extract
CreateAsyncBindCtx
ZonesReInit
DllCanUnloadNow
IsAsyncMoniker
IsValidURL
URLDownloadW

wsock32

accept
htonl
SetServiceA
gethostbyaddr
listen
accept
bind
htons
sethostname

Sections

��t
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE