737a2b4a7749aba9eedc9104d52ae683_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

737a2b4a7749aba9eedc9104d52ae683_JaffaCakes118
Size

16KB
MD5

737a2b4a7749aba9eedc9104d52ae683
SHA1

253ae8c7c1010c22335c7109c8483ec0a82bf173
SHA256

d1af29e5287f9d5455dca910ead05e18d3f566acdf7df3db08c68346caf8a17d
SHA512

50b6db500c125db35867e82f6291a1b29f8405b73fb90ddfa69ad7f3fde893e7f60b7bada81082912378817954a1abd9041eed6628384890f130110502f64001
SSDEEP

96:KZT+fJp1ZOPmyR8TstFh1P4oynIAzGOGW3:KZWZZOPmyCwtJP4oynxzGOG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
737a2b4a7749aba9eedc9104d52ae683_JaffaCakes118

Files

737a2b4a7749aba9eedc9104d52ae683_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1bd51a6dd5106fe45528257744e1775f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
socket
inet_addr
htons
connect
recv
send
closesocket
WSACleanup

msvcrt

_controlfp
_except_handler3
__set_app_type
??2@YAPAXI@Z
strlen
_chkesp
sprintf
strcmp
strtok
strchr
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE