a80819593fd44e3194282fe69d1b2e1f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a80819593fd44e3194282fe69d1b2e1f_JaffaCakes118
Size

5KB
MD5

a80819593fd44e3194282fe69d1b2e1f
SHA1

8bee44d1f40bdb5b102e91715cdd4f72cde2c6df
SHA256

ee14fe239a5adfa6ecc5e1cba58adfd84257f99456b50348cf3b4167ae6ce654
SHA512

72ddd54ec761852db9d973de41e1eeff91077e18c649b6d0738d569e6edd57a3d32e62306113a96d5385e236607575ba06445ed49972fee958a72afe89fed36e
SSDEEP

48:ycpLu7T7zP7omKkT8uEbjuy+CEblLYQVvgHjE5nEhQJSI1KDoZWyoLUJ5Wo:azDomKkT8lGCEbx9ZREOJSirWlLUXWo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a80819593fd44e3194282fe69d1b2e1f_JaffaCakes118

Files

a80819593fd44e3194282fe69d1b2e1f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fbb64f702e9eddfd6bcc6980438295d1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

wsprintfA

kernel32

GetTempPathA
lstrlenA
CloseHandle
CreateFileA
CreateProcessA
CreateThread
GetModuleFileNameA
GetStartupInfoA
GetSystemDirectoryA
GlobalAlloc
GlobalFree
RtlZeroMemory
Sleep
WriteFile
lstrcmpiA

wsock32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
gethostbyname
htons
recv
send
socket

ws2_32

WSAWaitForMultipleEvents
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 894B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ