Static task
static1
Behavioral task
behavioral1
Sample
89ef65a8e6ede040f57ed9a98bb752ac_JaffaCakes118.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
89ef65a8e6ede040f57ed9a98bb752ac_JaffaCakes118.exe
Resource
win10v2004-20240802-en
General
Target
89ef65a8e6ede040f57ed9a98bb752ac_JaffaCakes118
Size
20KB
MD5
89ef65a8e6ede040f57ed9a98bb752ac
SHA1
004a06054e76ae8e09d238ec4d1aef9d1f69ea96
SHA256
fce07f6f319a7e8c8cfe79e5bcbcb3ac206f9c301403cc19f5778d2cb20e3506
SHA512
e769e1b3eba39648f3b7517f0c91430fccc195d5192c74d7e661200f47e216e6d2e42d855e7acde345602714c72d15bb16966fc244805dc9aced6a9a8ab62de7
SSDEEP
384:tIZVVpIEdQwwQpJer6Il0SQG4KSAxqr6+S9Pfu7n5y:I+F1Qo0SQG4K1x1deV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 89ef65a8e6ede040f57ed9a98bb752ac_JaffaCakes118
Files
89ef65a8e6ede040f57ed9a98bb752ac_JaffaCakes118.exe windows:4 windows x86 arch:x86
6c3963680eebd72b51aaf97cf2e79119
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
lstrlenA
GetCurrentDirectoryA
CopyFileA
lstrcmpA
GetModuleFileNameA
GetWindowsDirectoryA
FreeLibrary
CreateFileA
LoadLibraryA
WinExec
GetTickCount
GetModuleHandleA
CompareStringA
lstrcmpiA
lstrcpyA
ReadFile
CloseHandle
GetProcAddress
lstrcatA
user32
GetMessageA
SetTimer
UpdateWindow
CreateWindowExA
RegisterClassA
LoadCursorA
GetWindowTextA
DefWindowProcA
GetParent
GetWindowLongA
PostMessageA
IsWindow
DestroyWindow
wsprintfA
DispatchMessageA
advapi32
RegSetValueExA
RegOpenKeyA
RegCloseKey
ws2_32
socket
htons
inet_addr
connect
send
WSAStartup
WSACleanup
closesocket
wininet
InternetConnectA
FtpSetCurrentDirectoryA
FtpPutFileA
InternetCloseHandle
InternetOpenA
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE