b231b34fe58fe74f923696dd4961e361_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b231b34fe58fe74f923696dd4961e361_JaffaCakes118
Size

4KB
MD5

b231b34fe58fe74f923696dd4961e361
SHA1

33a09986ca4d0866585a6df36d4f4f4b6cca4a56
SHA256

b8f89d6e3695a4e728a4f7aa456cef91a34fb04e09b15a93fa009a7081c270ef
SHA512

33576e8f09100477941a703d9c1b1b279dd106de5a63985c92cad2e1a45709072ead30c47fbfb8bdcf1a1e446608b6d3a1313f0ebd874726903bac1f5dbca7b6
SSDEEP

96:C7Q7TWgr5GGeYFZHFopXZlLh1pAxwA6L7vwP:m1gdVFZm/dAu3vwP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b231b34fe58fe74f923696dd4961e361_JaffaCakes118

Files

b231b34fe58fe74f923696dd4961e361_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f500dee58ac670301fda6ebe553b7ad9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
Sleep
CreateEventA
CreateThread
GetLastError
HeapFree
GetProcessHeap
CloseHandle
HeapAlloc

advapi32

RegCreateKeyExA
RegSetValueExA
RegCloseKey
RegQueryValueExA

ws2_32

recv
select
WSAGetLastError
connect
ioctlsocket
send
__WSAFDIsSet
closesocket
shutdown
socket
htons
inet_addr
WSAStartup

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE