84ea3b4bab7837b8efaa88c1acf86325_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84ea3b4bab7837b8efaa88c1acf86325_JaffaCakes118
Size

144KB
MD5

84ea3b4bab7837b8efaa88c1acf86325
SHA1

bc956c6c381df5b2d43b00c3a204b60ca6f343cc
SHA256

6a29e2498ae2476b96b153917eacd9e6a09cc79a27850caf4f8c9b64d53d19da
SHA512

b7c68daa0a6e064fe3312b3e12d036210da668f3355760ec56ea01035fcb2466b9f5ff6714e30462c6c32fa7506319fabbbf5601c53ef966eada664947012423
SSDEEP

96:GeFd39esPOqi8mz98a5JN4gYbnwHXEH9s+U7Esvi17kv+Omt4ubgbzumSPTcxfb:G7sPOqiFL2bnw3EH9s+iOZP75

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
84ea3b4bab7837b8efaa88c1acf86325_JaffaCakes118

Files

84ea3b4bab7837b8efaa88c1acf86325_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62aed871915abcfa98fa23dce2c93416

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
SetWindowLongA
SetTimer
GetMessageA
DispatchMessageA
CreateWindowExA
wsprintfA

kernel32

lstrlenA
lstrcmpiA
lstrcmpA
CloseHandle
CopyFileA
CreateFileA
DeleteFileA
ExitProcess
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
LocalAlloc
ReadFile
WideCharToMultiByte
WriteFile
lstrcatA

wsock32

gethostname
WSAStartup
recv
send
socket
closesocket
connect

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey

shell32

ShellExecuteA

ole32

CoInitialize
CoTaskMemFree

wininet

FindFirstUrlCacheEntryA
FindCloseUrlCache
DeleteUrlCacheEntryA
FindNextUrlCacheEntryA

Sections

��t
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE