046d7e292bc51e7d09473baafab4eb0b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

046d7e292bc51e7d09473baafab4eb0b_JaffaCakes118
Size

271KB
MD5

046d7e292bc51e7d09473baafab4eb0b
SHA1

39f1772d03f8690df4045733a4a349a30de04746
SHA256

a81b6809dac367b39fe4b4a29865eb27c1b13622d10cd00dc30b8d7eccc675d3
SHA512

504b7ec17ab4db4e5f11ae2267b5deb07fc72a7d88f85cd1091c8d1ed9e7198d6a096533dc6ba791c64f20b4d19c30c1c41e71b75c6da4686762f0152a9b1026
SSDEEP

6144:NarIx5wLRR5kouBDgcxa60n9sG5+kqZcorHER3VVuH1VDpyI:NBzoILabnTU6orHAVVyTN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
046d7e292bc51e7d09473baafab4eb0b_JaffaCakes118

Files

046d7e292bc51e7d09473baafab4eb0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d245c7ac07febacc2dcee7af5bebcf3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpiA
CloseHandle
SizeofResource
QueryPerformanceCounter
lstrlenA
GetLastError
LoadResource
HeapFree
lstrcmpiW
lstrcpyA
FlushInstructionCache
GlobalAlloc
lstrcpynA
lstrcatA
LoadLibraryA
GetProcAddress
HeapDestroy
WaitForMultipleObjects

user32

wsprintfA
GetParent
IsWindow
CharNextA
EqualRect
LoadStringA
OffsetRect

gdi32

CreateDCA
DeleteMetaFile
GetDeviceCaps

ws2_32

ioctlsocket
select
send
connect
recv
WSAStartup
closesocket
shutdown

msvcrt

iswspace
realloc
wcschr
free
sprintf
wcscat

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 239KB - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ