ae5e03d45184a01feefecd6f08b697a4_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ae5e03d45184a01feefecd6f08b697a4_JaffaCakes118
Size

39KB
MD5

ae5e03d45184a01feefecd6f08b697a4
SHA1

d26985593f687b93513fb725595110d082d14f76
SHA256

6ea480f7ac4fdc62b8b776a1724253d65aee5158aa8d84bda9f701d25af3fe3a
SHA512

a9aa47f7886960734a0b286a20b2c7476ef8cd87bcccd54ebda4ac2c08701f9131c861a95c5886edca200ee442cdb89f8d58cbf197ec364cecc3a3654406ec46
SSDEEP

768:ccmMNQWvEPhEKYg39XEkIFEj+MazCuNOzilp0ejyUQqPv6x:bV8PhTtENEj/azxUiuJRx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae5e03d45184a01feefecd6f08b697a4_JaffaCakes118

Files

ae5e03d45184a01feefecd6f08b697a4_JaffaCakes118
.exe windows:1 windows x86 arch:x86

fbb66d787f04ffe185c1465fad6513b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

accept
htonl
SetServiceA
gethostbyaddr
listen
accept
bind
htons
sethostname

urlmon

ZonesReInit
DllCanUnloadNow
IsAsyncMoniker
IsValidURL
URLDownloadW
Extract
CreateAsyncBindCtx

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE