8b82f6ac95b83fe608ff23bb0bcda369_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b82f6ac95b83fe608ff23bb0bcda369_JaffaCakes118
Size

11KB
MD5

8b82f6ac95b83fe608ff23bb0bcda369
SHA1

395d752488bf5726d127c982a905f58d5ab88a23
SHA256

7bfa771a25131fde9744763588cb037a206b1ab11c2fc5c4cdeea4a89dce6e16
SHA512

967db3bb2e069b46879763140aac80f649e1d5e2813658da981671e4229e5639936ede4ec56a7a130050d86bc36744ae8c98f5b48843a27b2b7f6e14aac1952c
SSDEEP

192:seG1lESBNaSZqHk5Ix8cwaVkFG+wo866N2ND9ZWhltTYvBH//:sLxBESZqE5i8cwaGQ+T/RND3WjtTs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b82f6ac95b83fe608ff23bb0bcda369_JaffaCakes118

Files

8b82f6ac95b83fe608ff23bb0bcda369_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ff4220ba7bb1561fb98979f3990eae76

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
lstrcpyA
WriteFile
CreateThread
CreatePipe
TerminateProcess
TerminateThread
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
CreateProcessA
SetFilePointer
lstrcatA
GetSystemDirectoryA
GetVersion
lstrcmpiA
GetFileSize
GetModuleHandleA
ExitProcess
GetLastError
CreateMutexA
WritePrivateProfileStringA
GetWindowsDirectoryA
GetPrivateProfileStringA
ReadFile
CloseHandle
lstrlenA
CopyFileA
lstrcmpA

user32

ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
DefWindowProcA
PostQuitMessage
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA

ws2_32

socket
WSAStartup
inet_addr
htons
bind
htonl
recvfrom
sendto
closesocket
shutdown

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ