8e2148ee87a33b34ae1d09c54c02786b_JaffaCakes118 | Triage

Sharing

General

Target

8e2148ee87a33b34ae1d09c54c02786b_JaffaCakes118
Size

63KB
MD5

8e2148ee87a33b34ae1d09c54c02786b
SHA1

1599737e1200f290d1583b2c8adff1cf54f9d919
SHA256

2455804380eb98cc454fb927a406c7970bbd251b85f366227f2d4471899284bb
SHA512

1d16db1a9f6e3c8f7e50220a26f882f00792de51f4bf8b81a6c087d49a6b4de9014bdc95a98c1ec3a83540b3bc729a116cc84419143e1ba8d1d4b411f803016a
SSDEEP

768:l3JVoC0Lii1Ol1u+6UMwqqwM+VKSmbsBS8pu7vXsXPQuDJJjFIxl6xEqWlhfPkhF:l5+CSii1O7QwvwBtY8nfQuFIHblNk38

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e2148ee87a33b34ae1d09c54c02786b_JaffaCakes118

Files

8e2148ee87a33b34ae1d09c54c02786b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9d12e0ebe3db6a3c2c2d6a828bc0f2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
lstrcpyA
lstrlenA
lstrcpynA
lstrcmpiA
GetModuleHandleA
GetProcAddress
LoadLibraryA
Sleep
GlobalFree
GlobalAlloc
FreeLibrary
lstrcmpA

ws2_32

inet_ntoa
ntohl
accept
listen
recvfrom
ntohs
sendto
bind
ioctlsocket
setsockopt
connect
WSACleanup
recv
socket
WSAStartup
inet_addr
__WSAFDIsSet
closesocket
select
WSAGetLastError
htons
gethostbyname
send
shutdown

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
fseek
ftell
_ui64toa
fread
getenv
strtoul
strcmp
strncpy
fopen
strlen
strcpy
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
strstr
atoi
memset
atol
memcpy
toupper
strchr
tolower
memmove
isspace
_endthread
_beginthread
sscanf
fclose

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ