c097fd043d3cbabcada0878505c7afa5_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c097fd043d3cbabcada0878505c7afa5_JaffaCakes118
Size

14KB
MD5

c097fd043d3cbabcada0878505c7afa5
SHA1

966a60028a3a24268c049ffadbe1a07b83de24ce
SHA256

1328bd220d9b4baa8a92b8d3f42f0d123762972d1dfc4b1fd4b4728d67b01dfc
SHA512

0837c537af0c75d5ce06d3ae6e0c6eefe3901535c908843d3771cd468657bca2e3c103b8a84c7c43f2cf1410782a595151fffc3c78fdc0f81277ed4894397fb0
SSDEEP

384:FbvAEV1n+LNA8tmWsejswNlqL9Yql+FgB6BjiMxFV:V3Se+F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c097fd043d3cbabcada0878505c7afa5_JaffaCakes118

Files

c097fd043d3cbabcada0878505c7afa5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9daa2077796c1e1eebb7432dbfbf9100

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
GetStdHandle
VirtualAlloc
VirtualFree
ExitProcess
GetCommandLineA
QueryPerformanceCounter
GetVersionExA
CloseHandle
WriteFile
lstrlenA
SetFilePointer
CreateFileA
GetLocalTime
ReleaseSemaphore
LeaveCriticalSection
EnterCriticalSection
Sleep
lstrcpynA
lstrcpyA
GetLastError
WaitForSingleObject
CreateThread
GetTickCount
CreateSemaphoreA
lstrcmpiA
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler

ws2_32

__WSAFDIsSet
select
send
closesocket
WSAGetLastError
connect
ioctlsocket
htons
htonl
socket
recv
setsockopt
ntohs
ntohl
WSAIoctl
bind
inet_addr
inet_ntoa
gethostbyname
WSACleanup
sendto
WSAStartup

iphlpapi

GetBestInterface
GetIpAddrTable

user32

wsprintfA

ntdll

_vsnprintf
strstr
memset
memcpy
atoi
strcpy
_chkstk
strchr
_strnicmp

Exports

Exports

free
malloc
strtok

Sections

.text
Size: 14KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE