c23ab53387e5b781b81e82a46ba2b8eb_JaffaCakes118 | Triage

Sharing

General

Target

c23ab53387e5b781b81e82a46ba2b8eb_JaffaCakes118
Size

32KB
MD5

c23ab53387e5b781b81e82a46ba2b8eb
SHA1

8af4972554167b0f3e403bd718355e4e89c8a8fd
SHA256

7c81bb9f60540ce045201cb991f5280bfdcd096b605f8f17faee81698e456f5d
SHA512

b1e179e50c057653f9aecd5aaa3c438db7566c3af742bce0604fbb235326da25a99646a5d0fc008fb068606f8de4eb9bce6be4638c7b39c47267a375b8feca6e
SSDEEP

192:Kbyj5xGcvQz2trV5JUQ2ByhHhvVx7rsRBmR18YJJrjUrt9azYGkk2JUBml:KuVwcvK2NkoHsRkTw8zzZB0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c23ab53387e5b781b81e82a46ba2b8eb_JaffaCakes118

Files

c23ab53387e5b781b81e82a46ba2b8eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a68f4f72ad880b044a684998783a9639

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSize
CreateFileA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetModuleFileNameA
GetSystemDirectoryA
ReadFile
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
lstrcatA
WriteFile
CreateThread
GetVersionExA
lstrlenA
GetCurrentProcess
CloseHandle
TerminateProcess
GetSystemTimeAsFileTime
RtlUnwind

user32

wsprintfA
MessageBoxA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyA
RegSetValueExA

ws2_32

select
recv
WSACleanup
htons
inet_addr
ioctlsocket
accept
listen
bind
__WSAFDIsSet
closesocket
send
socket
WSAStartup
connect

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ