d5b85fc50f7033dd91ab0d4d92467a88_JaffaCakes118 | Triage

Sharing

General

Target

d5b85fc50f7033dd91ab0d4d92467a88_JaffaCakes118
Size

7KB
MD5

d5b85fc50f7033dd91ab0d4d92467a88
SHA1

6e51c216938d20821aa82ecd33a74eae6bd3d922
SHA256

ae5977ff4ef09b97e6d8f9238aa75e8d9d54ecacced5df42c619d84926d372f6
SHA512

fdae37ceef8babe98c8cfb1b0a5d4001569d42a2f8013fda73c00ebaf25721b42321171f48c4944bb92c2127b3cc067925a1cf0dc879eecef1e9f46548a2c784
SSDEEP

96:H7Oy4BezPYqEUx0VCkU64N0L1Yw5n2UKKC3lz4Xm3lTT+CG7Llz9Ukg:Hiy4MT3JrQ1YwUUhC3v3piB7Llz9Ukg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d5b85fc50f7033dd91ab0d4d92467a88_JaffaCakes118

Files

d5b85fc50f7033dd91ab0d4d92467a88_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a36103c2c5c1d5a3f9ca1f5d640ef23a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetWindowsDirectoryA
GetModuleFileNameA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
GetModuleHandleA
CopyFileA
Sleep
GetTickCount
SetUnhandledExceptionFilter
ExitProcess
IsDebuggerPresent

user32

GetCursorPos
GetWindowTextA
GetForegroundWindow
GetDC
ReleaseDC
SetCursorPos
SetTimer
ShowCaret
MessageBeep
ExitWindowsEx
ShowCursor
KillTimer
SetWindowTextA
SendMessageA
ShowWindow

gdi32

TextOutA

advapi32

RegCloseKey
RegSetValueExA
RegOpenKeyExA

ws2_32

listen
bind
socket
htons
WSAStartup
gethostname
send
recv
closesocket
WSACleanup
accept

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ