74d08779043c91e1428f80d58c66d24f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74d08779043c91e1428f80d58c66d24f_JaffaCakes118
Size

44KB
MD5

74d08779043c91e1428f80d58c66d24f
SHA1

63d17bbc2bf922dfa3e8b5d54d2bbd59ad2be3d4
SHA256

f7da202c9566246f215e2fce17e10c2d25b8c999ca2bf97be468210e65aad773
SHA512

5674346ebb6a7382863c571d0aefebab3c9d557db0040a1bb3b6a167b6e43fb64e82f6ca3f1d5003ed5c5dddaaa922f8f02da055c445f023a31cc66a70394a4e
SSDEEP

384:LnFvuwdFTTvWSE9Bc50fUcNnH7XNt8M154BRjCfrSwrygFM7+isBCoXkZMB:Lnw0PvWXe0MU3BYRGmwrXArsBCoX+M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74d08779043c91e1428f80d58c66d24f_JaffaCakes118

Files

74d08779043c91e1428f80d58c66d24f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0beee904a08e5103f733a4cb5680d243

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegDeleteValueA
GetUserNameA

wsock32

socket
inet_ntoa
connect
htons
ioctlsocket

kernel32

FlushFileBuffers
LCMapStringW
LCMapStringA
SetStdHandle
GetOEMCP
GetACP
FreeLibrary
GetProcAddress
LoadLibraryA
ExitProcess
Sleep
CreateThread
DeleteFileA
CloseHandle
WriteFile
CreateFileA
GetLastError
GetTickCount
GetSystemDirectoryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
SetFilePointer
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE