b0c08038f5e3aad4979ab22a4524a761_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0c08038f5e3aad4979ab22a4524a761_JaffaCakes118
Size

60KB
MD5

b0c08038f5e3aad4979ab22a4524a761
SHA1

701078c2921dea7cf302ed7a2cf17d61153b47af
SHA256

d7f481aa4cdfa780cbdf2f7d19ca9cf8109590fb69fb892ba12aae1d66730a97
SHA512

9344538b3fe6f5ced971a9370d40131f297c451652822dbe7c7e24e6cb0754795a6e4bfe17e00d525b30ecff6d5c3d9cb17f9101c34e930d6e4115dfb6620b57
SSDEEP

768:Kt0pYgUJirJn51JN5dz1XMPoWoSvoz3f35CO55ecADJi07282oTax8xMOi1SY0IV:KypfJln5TX5K4ucmJi0YoTaxbSY01A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0c08038f5e3aad4979ab22a4524a761_JaffaCakes118

Files

b0c08038f5e3aad4979ab22a4524a761_JaffaCakes118
.exe windows:5 windows x86 arch:x86

db04eb07b797fa1e1726efacae19e358

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleW
TerminateProcess
CreateFileW
GetConsoleNlsMode
AllocConsole
DeactivateActCtx
CancelTimerQueueTimer
GetCurrentThreadId
BeginUpdateResourceW
CopyFileA
CloseHandle
ClearCommBreak
ExitProcess
AddAtomW
Sleep
WideCharToMultiByte
DeleteTimerQueue
EnumDateFormatsExW
GetConsoleCP
CreateMutexW
DeleteCriticalSection
GetCurrentProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
EnterCriticalSection
ExitThread
FatalExit
CancelIo
FindAtomW

ws2_32

WSAStartup
bind
WSACleanup
listen
socket
recv
connect
accept
send
closesocket

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.kdata
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ