7790bf073fc826ee9c137c6345baab98_JaffaCakes118 | Triage

Sharing

General

Target

7790bf073fc826ee9c137c6345baab98_JaffaCakes118
Size

20KB
MD5

7790bf073fc826ee9c137c6345baab98
SHA1

33c2530ef4c99e5b2abc8ff85093263ad5a3226e
SHA256

41c8cc5a288e79a1a9be2875152f8250282755a99841e3fa246b0b45c501a5cc
SHA512

3ead0b9023b5a9fc8390ca62da5d9bf99a47ed268888746d958dec20b138667250af0a1069f72e2d3f67cdca5b550016417ff94726a171b26659db66800c218b
SSDEEP

192:WiemiHfKmrQXzUCzUQjmZBdZDoWC9SgXFtLYNCY8o1oedXq39x:ztOfKcETpmlOro1oedX2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7790bf073fc826ee9c137c6345baab98_JaffaCakes118

Files

7790bf073fc826ee9c137c6345baab98_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a03abaeeb9f8aa8433ad99125f791d69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
Sleep
CopyFileA
TerminateProcess
CreateProcessA
CreateMutexA
CloseHandle
OpenMutexA
CreateThread
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
VirtualFree
LCMapStringW
RtlUnwind
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapFree

ws2_32

send
socket
WSAStartup
connect
closesocket
gethostbyname
htons
inet_addr

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 680B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE