a2d515af5d8d632645b4762743e2113c_JaffaCakes118 | Triage

Sharing

General

Target

a2d515af5d8d632645b4762743e2113c_JaffaCakes118
Size

9KB
MD5

a2d515af5d8d632645b4762743e2113c
SHA1

a41ecb8c19dca57e60a1622e8752d8d8c92b8e2e
SHA256

ac281cd17f5e8b1e0efe6babeef231350bde84d74faf170ee6d90598b10499d9
SHA512

7101cbf76be1c2c969fdeaf024e501d43ba5815f3b9bdd69d0281af58cd43e0659c343ceae0a35b487bfae6965d442841abccbf6b22f9e088a81dabf7ffd38fb
SSDEEP

192:8qiFP+IB51sQwD8I+wgJIyfiuiSA81nXEOGQC5JFoPAyRkQA5U:8qmP+IBbsQIatIya381XE7QguL1v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hlbof-client.exe

Files

a2d515af5d8d632645b4762743e2113c_JaffaCakes118
.zip
hlbof-client.c
hlbof-client.exe
.exe windows:4 windows x86 arch:x86

335d6f0b344ac5dd5011d598f8f1f347

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

ExitProcess
SetUnhandledExceptionFilter

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_errno
_iob
_onexit
_setmode
atexit
atoi
exit
fprintf
fwrite
memset
printf
signal
strerror
tolower

ws2_32

WSAGetLastError
WSAStartup
bind
htons
inet_ntoa
ntohs
recvfrom
sendto
socket

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 208B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
show_dump.h
winerr.h