622f550f3970257ec195c2d435485e59_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

622f550f3970257ec195c2d435485e59_JaffaCakes118
Size

73KB
MD5

622f550f3970257ec195c2d435485e59
SHA1

5282ab973b3858202f4976c98c4199b810089430
SHA256

e8e9f07009a37f60efdbdae362aff3388f28c5855dcfab25671e36314e99d12e
SHA512

f43f09fe8b14f96cda780148633b11f9eb7c73829f6a2b68dcb49031afef9fab536fbe05f55a3d4b5a700fc58f84641f71c535a45415c7313dae252cba19ba7d
SSDEEP

1536:PiydSM/vwuBJOVJRAsqhPBPDTUahCeOyyd8:pdSw7BJO1AxhPBPDTzVOyyG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
622f550f3970257ec195c2d435485e59_JaffaCakes118

Files

622f550f3970257ec195c2d435485e59_JaffaCakes118
.exe windows:1 windows x86 arch:x86

93eaa00d5e69568a772bcbb0d3ca1d71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
CloseHandle
GetTickCount
CopyFileA
RtlUnwind
SetFileAttributesA
Sleep
WaitForMultipleObjects
WaitForSingleObject
WinExec
CreateMutexA
CreateProcessA
CreateThread

user32

MessageBoxA

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA

ws2_32

WSACleanup
inet_ntoa
htons
socket
gethostname
gethostbyname
connect
closesocket
WSAStartup
send
recv

crtdll

_iob
_itoa
__GetMainArgs
_sleep
_strnicmp
abort
exit
fclose
fopen
fputc
fwrite
localeconv
malloc
memcpy
memmove
memset
pow
raise
rand
signal
srand
strcat
strchr
strncmp
strstr
strtok
strtol
wcslen
wctomb

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 608B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE