da60b92742abff72930879fa8560b3c3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da60b92742abff72930879fa8560b3c3_JaffaCakes118
Size

6KB
MD5

da60b92742abff72930879fa8560b3c3
SHA1

9092796cd59b425724e44edc4ff9c90bab8b7557
SHA256

192a17fcdeb3b92d66b53c89c15bce40daa8b866ea618136167d1dc05af0e746
SHA512

90d6d08e828ac053519b30c018588edf070881abc7b54ea88e7b7b977ec03b4e84758fea1fafe835cdbaab248d3db4f67ddf092d5ef5000a3ad00c51342c7998
SSDEEP

96:B74Q5RIL5QUURC1PGK9uixJkGV9tJhPQqjvFLu7EL5Dqq7p/JNtS:BbRwOGPfhNvFLu7EL5DpF/JNtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da60b92742abff72930879fa8560b3c3_JaffaCakes118

Files

da60b92742abff72930879fa8560b3c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7eb9aef659e3a50c7cf8196fc291d5f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateMutexA
DeleteFileA
GetComputerNameA
ExitProcess
CreateThread
ExitThread
GetTickCount
CloseHandle
GetVersionExA
Sleep

user32

wsprintfA
MessageBoxA

advapi32

GetUserNameA

wsock32

__WSAFDIsSet
select
accept
inet_ntoa
getsockname
recv
bind
htons
htonl
socket
connect
WSAGetLastError
shutdown
listen
gethostname
gethostbyname
WSAStartup
WSACleanup
closesocket
send

wininet

InternetGetConnectedState

urlmon

URLDownloadToCacheFileA

msvcrt

memcpy
memset
atoi
strncpy
strlen
strcat
printf

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE