88f4b11f62a2e64eb98d562f7126d138_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88f4b11f62a2e64eb98d562f7126d138_JaffaCakes118
Size

32KB
MD5

88f4b11f62a2e64eb98d562f7126d138
SHA1

cc013e3035eeb5698a2192e24180164021513e87
SHA256

fcfc559f8e156d8156e467c343b2cdd4249a829340017cc3dfc1277e64937b1e
SHA512

d2951a3434d2e99f9266c8490eb446c5f0b2589fbdb75b6fa99afc98010dda03f5339f8061e91f98282721ed78d92aa06b3e442ffc1f9d62db8d37b492181865
SSDEEP

384:DcTTOSmsImR+a3gt4oomlV2yi6lYMybb5g4tbW:iTO4IMp3Kb0EYMyX5Xtb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88f4b11f62a2e64eb98d562f7126d138_JaffaCakes118

Files

88f4b11f62a2e64eb98d562f7126d138_JaffaCakes118
.exe windows:4 windows x86 arch:x86

91c1c9a7ef8626d19167b9e6da41587c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetStdHandle
FlushFileBuffers
LoadLibraryA
GetProcAddress
HeapReAlloc
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetLastError
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
CloseHandle

ws2_32

WSAStartup
socket
htons
connect
send
recv
closesocket
WSACleanup
inet_addr
gethostbyname

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE