af2060fb0c73c20acdace78ee06f2cd9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af2060fb0c73c20acdace78ee06f2cd9_JaffaCakes118
Size

4KB
MD5

af2060fb0c73c20acdace78ee06f2cd9
SHA1

d968bd7f17e78a9e8ec6aa31ec7c9081372fb902
SHA256

2ef84a4cba33cc1707b6a0a9a90c3d320729828dc54f9bb7bead9f5370fb9c7e
SHA512

1f55d6ff1b60ee0fb7b951a3e2000dfe747be1c284033fce1b9754d09dbbc4059c904b178acc71b1aef0cf5477a8f0741afb2ff96053a8d53c2f9172f945dcd5
SSDEEP

96:zyrZKIvBaJJsaFPKKHEckh0VjYa6HtJoTdEGQWou5qrjnn0L:zyVc77HHC0pEmRbQ25S0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af2060fb0c73c20acdace78ee06f2cd9_JaffaCakes118

Files

af2060fb0c73c20acdace78ee06f2cd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ec0d63be9c4ecbc516977e5c018dc5a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
ExitThread
GetModuleFileNameA
GetModuleHandleA
LocalAlloc
LocalFree
Sleep
lstrcmpA

ws2_32

__WSAFDIsSet
accept
bind
WSAStartup
connect
gethostbyname
getpeername
getsockname
htons
inet_ntoa
listen
recv
select
send
socket
WSAGetLastError
WSACleanup
closesocket

user32

MessageBoxA
wsprintfA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 746B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE