eac334156b5b39bf7511a769a8d41155_JaffaCakes118 | Triage

Sharing

General

Target

eac334156b5b39bf7511a769a8d41155_JaffaCakes118
Size

20KB
MD5

eac334156b5b39bf7511a769a8d41155
SHA1

eaadee3bad8e1369b8b7607105f34e509f5f9f9a
SHA256

bedd27f529ebcf1d9a68fa4d727c7ab9c1142bea65557ed6f032f39df00df88b
SHA512

1f01d28d12673604b7725700bc28ffa38d6976e2fb69300bac70ee931aebd2ec5627a15bd53b8de4b637bb221ea4d66ef121b538a8ee7cebe78baba679238b29
SSDEEP

192:QxzSDhIqUnlfOaJHhnyj6m/uvolDRSxZcFP1oyn/yJ0lxL1k:QxzSDJqlG2hnyjDpYax1lUYxL1k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
eac334156b5b39bf7511a769a8d41155_JaffaCakes118

Files

eac334156b5b39bf7511a769a8d41155_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0307d84a558dc5e57037326e4dfc9f73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
WSACleanup
socket
inet_addr
gethostbyname
htons
connect
closesocket
send
recv

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
vsprintf
realloc
srand
rand
strstr
strtok
sprintf
atol
tolower
malloc
free
__p__commode

kernel32

GetStartupInfoA
GetModuleHandleA
VirtualAllocEx
VirtualProtectEx
WriteProcessMemory
FreeLibrary
CreateFileA
WriteFile
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetLastError
ExitThread
GetTickCount
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
GetProcessHeap
GetCurrentProcess
CloseHandle
LoadLibraryA
GetProcAddress
CreateThread
CreateRemoteThread
WaitForSingleObject
Sleep

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE