60f2ca4b89d45b65a385ee2b6c816486_JaffaCakes118 | Triage

Sharing

General

Target

60f2ca4b89d45b65a385ee2b6c816486_JaffaCakes118
Size

5KB
MD5

60f2ca4b89d45b65a385ee2b6c816486
SHA1

ccce813aa50ab56c2fe3894c0f82daf5ed3c3b19
SHA256

d8c6d46470c8a5347c8d3aeba7e0fa89cc7ed8e7859b525ff461d5f509710cce
SHA512

2756a018a5bd4e215c1db94eff878d67e406a80e53bac141e32c87cfb8766842fa6e44bc681d373876b5940c56430440c4df96c21df8f8c1e7342ee65576f46b
SSDEEP

48:ytLy1C1L2QiIpYkI0hho5wEqSuIR+i4uBYv/jzjMUC5uIyyy:6gC1NLhG5wEqSFki1Y/j3FwyN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60f2ca4b89d45b65a385ee2b6c816486_JaffaCakes118

Files

60f2ca4b89d45b65a385ee2b6c816486_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9087e17d0bfc82a6d8cb3eef052664a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

wsock32

listen
inet_ntoa
send
socket
htons
closesocket
bind
accept
WSAStartup
WSACleanup
recv

kernel32

ExitProcess
lstrcpyA
lstrlenA
lstrcmpiA

shell32

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 514B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE