8a5730e66d803c03ac3468cafb33eaea_JaffaCakes118 | Triage

Sharing

General

Target

8a5730e66d803c03ac3468cafb33eaea_JaffaCakes118
Size

28KB
MD5

8a5730e66d803c03ac3468cafb33eaea
SHA1

ade4d4c7725402bbb69b96799bc0b16ece178c0c
SHA256

fc9a7a8497d099e0ad17eff8ca8c164b5d61631bb04ece4ce84ddf384e338ffd
SHA512

efe2b0f137f934aae51c6efe72be02c9e1c4c9fd369927287b939b6a274982735c7fd5f5ce2ae2742673c527d69a6d1d07492f370dadbb63ebe457ebff8b7ad4
SSDEEP

384:UJf4Y62cKgi0HI9xGVFKmhDIUKKmG3TUHmJ+:Uf62cKghHyxxm6UKKmuQHm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a5730e66d803c03ac3468cafb33eaea_JaffaCakes118

Files

8a5730e66d803c03ac3468cafb33eaea_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a385b92ce6b13586f32c57ad8165d730

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

htonl
bind
socket
inet_addr
gethostbyname
WSASetLastError
send
recv
setsockopt
connect
WSAGetLastError
closesocket
htons
ntohs
ntohl

msvcrt

_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
memset
_CxxThrowException
sprintf
toupper
??3@YAXPAX@Z
strcpy
??2@YAPAXI@Z
strlen
strcat
strcmp
__CxxFrameHandler
memcpy
_stricmp

kernel32

GetTickCount

Exports

Exports

GetFirstMX
GetNextMX

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ