c10b1045a9ee8273ed0ab046e2351724_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c10b1045a9ee8273ed0ab046e2351724_JaffaCakes118
Size

13KB
MD5

c10b1045a9ee8273ed0ab046e2351724
SHA1

4ec49d33c4f5a19c7ef7ab20a4393f7b9ad9ff41
SHA256

71fd96b924423e2cd212787590d2cfe9e2b05cb1af921c0ed0d25fbf106bcafd
SHA512

435df684cd85280707a94747bd6bce4e2e9364940258e29878f9c25f2e613f90242a36b0c8d03171d2ed051a35285333b170bb3b801f2b8b8d581edb46c05a74
SSDEEP

192:fGTM+gAAQXz5tgLftG96lXzQ287y9JXi7m3l1FEyAm3l1FEZ:fGjv1ijtpx3qml1FEyAml1FEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c10b1045a9ee8273ed0ab046e2351724_JaffaCakes118

Files

c10b1045a9ee8273ed0ab046e2351724_JaffaCakes118
.exe windows:1 windows x86 arch:x86

ca43d965c38e55c82a68eb94ff604ca4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetDriveTypeA
GetFileSize
GetLogicalDriveStringsA
GetModuleHandleA
CloseHandle
GlobalAlloc
GlobalFree
LocalAlloc
LocalFree
MapViewOfFile
RtlUnwind
CreateFileA
CreateFileMappingA
Sleep
UnmapViewOfFile
lstrcatA
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

user32

wsprintfA

shlwapi

StrStrIA
StrRChrA

ws2_32

htons
socket
gethostbyname
connect
closesocket
WSAStartup
send
recv

crtdll

__GetMainArgs
_strdup
toupper
atoi
exit
free
malloc
memcpy
memset
raise
realloc
signal
strcat
strchr
strcmp

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE