Static task: static1
Behavioral task: behavioral1 - Sample: aead5725659da0f8f30a7c61c7aa6318_JaffaCakes118.exe - Resource: win7-20240708-en
Behavioral task: behavioral2 - Sample: aead5725659da0f8f30a7c61c7aa6318_JaffaCakes118.exe - Resource: win10v2004-20240802-en
General
Target: aead5725659da0f8f30a7c61c7aa6318_JaffaCakes118
Size: 5KB
MD5: aead5725659da0f8f30a7c61c7aa6318
SHA1: 5a4951186810d9a1917fc4e89f1650aacdbfb041
SHA256: 75a1c7f4339d1d6a3b565bdc298307fa7341d01deb9b045709df5382d5cda50a
SHA512: 93986ffc5688affc9a60cb319c151835c09276ff0aac065b36d67cda4969f6d0126e983bc2ab803a977133cc5ccd53541936d7ef9c8d03e3e8e918b72e90d7e0
SSDEEP: 96:odYRvLCnwU4EzueizbCRTvZ+HBYbd8h94FP4KAZyVpaQMx1XfHPtboynd:oYRvywU4GgzbC6H+2h94BXA3QMxx/P1T
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aead5725659da0f8f30a7c61c7aa6318_JaffaCakes118
Files
aead5725659da0f8f30a7c61c7aa6318_JaffaCakes118.exe windows:4 windows x86 arch:x86
d717ed0a46547df304956e8d0a993809
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ws2_32
WSAStartup
bind
listen
socket
htons
closesocket
accept
inet_ntoa
connect
send
kernel32
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetModuleFileNameA
GetSystemDirectoryA
ReadFile
GetFileSize
CreateFileA
Sleep
DeleteFileA
CloseHandle
TerminateProcess
OpenProcess
GetProcAddress
LoadLibraryA
CopyFileA
user32
MessageBoxA
CharUpperBuffA
advapi32
RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA
msvcrt
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_initterm
__getmainargs
_acmdln
_except_handler3
_controlfp
free
strncpy
malloc
sprintf
strstr
_exit
_XcptFilter
exit
__setusermatherr
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE