c1f4f7ad07ee49b8e42ec89cfee35c77_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1f4f7ad07ee49b8e42ec89cfee35c77_JaffaCakes118
Size

19KB
MD5

c1f4f7ad07ee49b8e42ec89cfee35c77
SHA1

0ca43f0f321122333d645c89d54d0e00d9598b93
SHA256

407c6c334619c0d501db0cf76793a5c0a5dbfd8338231a5e4d78dcc50926256a
SHA512

065aeaa5953c1f22138d287c23455c55f9a28306326c7c4d9c0fadb2df617fea3380ed9348da5cb2b663cc2e151326b832c641754e9ba80aaf605e72bf398f0f
SSDEEP

384:LTOoS7/s3/r5RGGmzCYnnbi1BeLx7Z7ewc2Pd:Ozs3/vGDfnwBeLd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1f4f7ad07ee49b8e42ec89cfee35c77_JaffaCakes118

Files

c1f4f7ad07ee49b8e42ec89cfee35c77_JaffaCakes118
.exe windows:4 windows x86 arch:x86

93dc46b5adb187b95b9d3df0dd063f61

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MoveWindow
MessageBeep
GetWindow
GetSystemMetrics
ShowWindow
GetSysColorBrush
GetSysColor
GetDlgCtrlID
EndDialog
DestroyIcon
GetSystemMenu
wsprintfA

kernel32

lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
lstrcatA
WriteFile
Sleep
SetFilePointer
RtlMoveMemory
RemoveDirectoryA
CloseHandle
CompareStringA
CreateDirectoryA
CreateFileA
CreateThread
DeleteFileA
ExitProcess
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileA
FindNextFileA
FreeLibrary
GetCommandLineA
GetCurrentThreadId
GetFileAttributesA
GetFileSize
GetLastError
GetLocalTime
GetLogicalDrives
GetVersion
GlobalAlloc
GlobalFree
LoadLibraryA
LocalAlloc
LocalFree
MoveFileA
ReadFile

wsock32

bind
closesocket
accept
gethostbyname
gethostname
getsockname
htonl
htons
inet_ntoa
listen
recv
select
send
shutdown
socket
__WSAFDIsSet
WSAStartup
WSACleanup
connect

shell32

ShellExecuteA

advapi32

RegCloseKey

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE