bdc5e16aec2c3796fb879a5c260d6ca9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bdc5e16aec2c3796fb879a5c260d6ca9_JaffaCakes118
Size

11KB
MD5

bdc5e16aec2c3796fb879a5c260d6ca9
SHA1

ba5f926d93eb05f7e24e12ab8a7133114e7e911d
SHA256

c5c86a75f360aab239162d6c6ec8f45dffe26b08a8bd4417c4cd55ce3b00478c
SHA512

d501243d043ac84a4c59c9ea02fed3b8a10de56fcf607bb412ea0b3989d1f1864f0883aee3150e082888ebe69faeea48ff6df00c558ad46f8518888ad513ac73
SSDEEP

192:XbRCQXedOwpnzmtPueh3LtNPc1DFQ4DXjXY5LdS/:LRDXaJzmtPpSFRDzo5LdS/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdc5e16aec2c3796fb879a5c260d6ca9_JaffaCakes118

Files

bdc5e16aec2c3796fb879a5c260d6ca9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

acaee8b139a30158c2c78905ce1ae920

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
TerminateThread
GetExitCodeThread
WaitForSingleObject
CreateThread
DeleteFileA
CreateProcessA
CreatePipe
CopyFileA
GetSystemDirectoryA
GetTempPathA
GetStartupInfoA
ReadFile
PeekNamedPipe
WriteFile
WinExec
lstrlenA
GetLastError

ws2_32

connect
closesocket
recv
setsockopt
socket
WSAStartup
htons
inet_addr
send
WSACleanup

msvcrt

_adjust_fdiv
_initterm
__CxxFrameHandler
strstr
isdigit
fwrite
strchr
fopen
atoi
sprintf
sscanf
strrchr
free
malloc
strncmp
_close
_read
_lseek
_filelength
_open
_write
fclose
fflush
_stricmp

winmm

timeGetTime

wininet

InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetGetConnectedState
InternetOpenA
InternetCloseHandle

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ