0282879904d92be23d5b50847aa28693_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0282879904d92be23d5b50847aa28693_JaffaCakes118
Size

32KB
MD5

0282879904d92be23d5b50847aa28693
SHA1

07e9298e19de9b9ddbbf55668999e9fbeee8585d
SHA256

f387dcc9f5652d3b03fd55fdd889f628e846b65d4c771594b056bb62672c5b23
SHA512

4aa64960b34c9ebc89cad5bca1846258136c0e7af4fa9b9eb961574b97653a84479f15feafd37848137afd970071bd69a5836c632bc97e91bef8a40156136a8f
SSDEEP

384:Y7aLelo6TY/SbxCApY2y+KWmlgcgxoWlsrY3iWkPxEFoH9MNvl7:Y7YkoIY/ECAp7qba7yXxmodw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0282879904d92be23d5b50847aa28693_JaffaCakes118

Files

0282879904d92be23d5b50847aa28693_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cdf8dcd7d27813e4bb8159a0dc3810d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
gethostbyname
htons
socket
connect
send
recv
shutdown

kernel32

HeapDestroy
LCMapStringW
LCMapStringA
SetStdHandle
CloseHandle
SetFilePointer
ReadFile
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetVersion
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
MultiByteToWideChar
VirtualAlloc
HeapReAlloc
GetLastError
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE