b2b53607e7c5c120ebf1413dd8c1f670_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b2b53607e7c5c120ebf1413dd8c1f670_JaffaCakes118
Size

6KB
MD5

b2b53607e7c5c120ebf1413dd8c1f670
SHA1

fd2622b9271015cfe158bb40be1b40233f05df95
SHA256

1aa84ee73cfa0927ee4ce336b1595b478a1bc4c82eca89141f67cf150042f240
SHA512

47f73ddf3207efbfa3ca1de1a37ae5f175c4c41cadb9709f1ccbcb6d7c677b2b5858b16d2880c51534aa2f9d169ab0ca267f564529382d27af46a42bbfdab6df
SSDEEP

48:yI3jTWUUSo1Y6DnDkNLa3hMhhl0qw0dkWBrf:5JeYokNm3ahv0qw0tdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2b53607e7c5c120ebf1413dd8c1f670_JaffaCakes118

Files

b2b53607e7c5c120ebf1413dd8c1f670_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5cbc8a1a8e39f4b264fe8fef9036a396

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

advapi32

RegOpenKeyA
RegQueryValueExA
CloseServiceHandle
ControlService
OpenSCManagerA
OpenServiceA
RegCloseKey
RegEnumKeyA

kernel32

lstrlenA
lstrcatA
ExitProcess
RtlZeroMemory

wsock32

WSACleanup
WSAStartup
closesocket
connect
gethostbyname
htons
recv
send
socket

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE