ea8c79d3df5cfb4ca7a9766f76cc6037_JaffaCakes118 | Triage

Sharing

General

Target

ea8c79d3df5cfb4ca7a9766f76cc6037_JaffaCakes118
Size

22KB
MD5

ea8c79d3df5cfb4ca7a9766f76cc6037
SHA1

d77b77d34078df3c616dcddba7a090b0405fde37
SHA256

a383edbc31d5f8beb51499ecf1acd02f6f042f46d45cbb46ead3542f9901f490
SHA512

ba1faadf64a9cf9e38c7582ad669167ebf4ed4a81793b12ba5f450bfa628233160227765421fb8b330d7d36fc908d32ebd45b98e6c139de0e6130534bed11337
SSDEEP

384:vr1912uAP9BSgmorj68e10RsTRSJKpbZbx71qgJOvEv1T0DjUhmvDP7L3ou:DP129P9Bfdr+HiRmVVZN71qJY1ToIhmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea8c79d3df5cfb4ca7a9766f76cc6037_JaffaCakes118

Files

ea8c79d3df5cfb4ca7a9766f76cc6037_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b594a4a373c239d913b41c99ef170d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CompareStringA
CloseHandle
GetCommandLineA
InitializeCriticalSection
CopyFileA
ExitProcess
CreateThread
LeaveCriticalSection
EnterCriticalSection
Sleep

user32

DefWindowProcA
FindWindowA
LoadIconA
LoadCursorA
RegisterClassA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA

msvcrt

malloc
sprintf
getenv
_mkdir
_ftol
time
strstr
realloc
_strdup
isspace
localtime
free
sscanf
system
atoi
strchr
rand
srand

ws2_32

getsockname
bind
WSASocketA
closesocket
connect
htonl
gethostbyname
send
htons
WSAStartup
WSAAccept
setsockopt
listen
select
recv
WSAGetLastError
sendto
recvfrom
__WSAFDIsSet
ntohl
getpeername
inet_ntoa
ntohs
shutdown

wininet

InternetOpenA
InternetOpenUrlA
InternetCloseHandle

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE