Static task: static1
Behavioral task: behavioral1
Sample: 5e7a08d1f17de8724aac76c1c61607cb_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 5e7a08d1f17de8724aac76c1c61607cb_JaffaCakes118.exe
Resource: win10v2004-20240709-en
General
Target: 5e7a08d1f17de8724aac76c1c61607cb_JaffaCakes118
Size: 21KB
MD5: 5e7a08d1f17de8724aac76c1c61607cb
SHA1: 5c0cfbd0edffb8e81eb9e85cd18cbea83c39b4a8
SHA256: aec8f4ca4cfe40de04f4864fbf8c4c9860237166fc43f7ce6c1d3945ab66805c
SHA512: b4648f9c1084990d9cec53ee86d0d2a8077990d5c37661458b0e8382776a24fb13101e5aa6470d8c11b9c8bea6bbbb9c3773e4e03e27576c1bc0f13cb82b2fde
SSDEEP: 384:MFakaDgVHC9WZJJXQYg3UnAi9D0odDOYJU0XWw9Lo:MFaraHC6JAYNAytxRaIWw9Lo
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 5e7a08d1f17de8724aac76c1c61607cb_JaffaCakes118
Files
5e7a08d1f17de8724aac76c1c61607cb_JaffaCakes118.exe windows:4 windows x86 arch:x86
39f43a83cde8674b9fe64a9cfdd03553
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ntdll
strncmp
strstr
strchr
atoi
strncpy
RtlRandom
sprintf
memset
_chkstk
kernel32
GetLastError
GetSystemTime
CloseHandle
GetModuleHandleA
GetModuleFileNameA
GetLocalTime
CreateFileA
SetFilePointer
SystemTimeToFileTime
GetCurrentProcess
VirtualFree
GetWindowsDirectoryA
WriteFile
Sleep
TerminateProcess
ReadFile
GetSystemDirectoryA
GetTimeZoneInformation
SetCurrentDirectoryA
VirtualAlloc
GetProcAddress
wininet
InternetConnectA
InternetCloseHandle
InternetOpenA
HttpSendRequestA
HttpQueryInfoA
HttpOpenRequestA
iphlpapi
GetAdaptersInfo
Sections
.text Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 35KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE