8c1f180c2ed5b95494156dd13677aad0_JaffaCakes118 | Triage

Sharing

General

Target

8c1f180c2ed5b95494156dd13677aad0_JaffaCakes118
Size

7KB
MD5

8c1f180c2ed5b95494156dd13677aad0
SHA1

f4c3d0c0ef9ce8972e341ecb23f06c17c95d8a1c
SHA256

21507286898b3ebdb7243eecb08ac752c6adef6cff83982152ff13b51e51d9a2
SHA512

c16580fbe03117d9cf44b18b7d2c6848fb495b2387d36f3a14fb45133ce2da2cd95fe96c70515c1c13f212486e8b3822b6dffd28f057317a2bfe74c7eb83d6b4
SSDEEP

96:FvqmAam4N2KoGscUqJTBiCdd97KEaKXq5ja9BtFk8C6:RqON2mUqW+d9eELa09BHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8c1f180c2ed5b95494156dd13677aad0_JaffaCakes118

Files

8c1f180c2ed5b95494156dd13677aad0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

357d2314ab37ea71f85ff12a9121e683

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
wsprintfA

kernel32

FindClose
FindFirstFileA
FindNextFileA
GetFileSize
GetSystemTime
GlobalAlloc
ExitProcess
GlobalLock
GlobalUnlock
ReadFile
RtlZeroMemory
Sleep
lstrcatA
lstrcpyA
lstrcpynA
CreateFileA
CloseHandle
GlobalFree
lstrlenA

advapi32

RegSetValueExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegCreateKeyExA

wsock32

connect
gethostbyname
htons
inet_addr
closesocket
recv
send
socket
inet_ntoa
WSAStartup

wininet

InternetGetConnectedState

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE