a37e400f2921873aa960491ba6663e69_JaffaCakes118 | Triage

Sharing

General

Target

a37e400f2921873aa960491ba6663e69_JaffaCakes118
Size

32KB
MD5

a37e400f2921873aa960491ba6663e69
SHA1

fa7b6eed4aeae3349d4bef697f9a3837d688c329
SHA256

c0ddb48bc53340f3f5babb799bcd09c36e4b805206e03b49b6fd5594b4052353
SHA512

d2c551f3d4ee946d0af3c5dfa3c364d0659387ef0c01025352e4764859a74fe93f893f39aa8da4f412467cefe7fc6ee61ab2686de2dffe9333f8be0b21ce2666
SSDEEP

384:CT1VJeDvT80SGUoirfOWo2EVmlUfj3hyedGJSjrW1arE5la8kimlV:UVUDb80o/rPNCbhDnjad5l7kr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a37e400f2921873aa960491ba6663e69_JaffaCakes118

Files

a37e400f2921873aa960491ba6663e69_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d60ee4de43752dc374431c4513a3ec47

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
GetStartupInfoA
HeapDestroy
LCMapStringW
LCMapStringA
CloseHandle
FlushFileBuffers
LoadLibraryA
SetStdHandle
HeapReAlloc
ExitProcess
TerminateProcess
GetCurrentProcess
GetCommandLineA
GetVersion
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
Sleep
GetStringTypeA
GetProcAddress
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
SetFilePointer
GetStringTypeW
HeapAlloc
GetLastError
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc

ws2_32

inet_addr
WSAStartup
htons
shutdown
socket
connect
recv
closesocket
send

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE