Sample: 059727ae7a0de8c1114dbb99da0ad5f3_JaffaCakes118.exe
Resource: win7-20240729-en
General
Target: 059727ae7a0de8c1114dbb99da0ad5f3_JaffaCakes118
Size: 261KB
MD5: 059727ae7a0de8c1114dbb99da0ad5f3
SHA1: ae61405f93726948ef23228667a080d80dcd91a2
SHA256: e1c355c118abc5bbf86be6fb7d8b31df2a5e31df886c39c9c5f289e366abc57c
SHA512: 92cd79769febe0ead0b8181904e22c67a2392d48f97d49bb94ed99203ae1fb028ed7d88570b15ff71446ccead2dee6a9e9cdb99f9c7f61dc8facb475a71e1041
SSDEEP: 6144:Z5KBkMMDUPMnIhUhKG8rekvL67i8q8Bu9lsi5sMEGVVAc3DQw4U:ielnIahLYWW8FiAGo81
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 059727ae7a0de8c1114dbb99da0ad5f3_JaffaCakes118
Files
059727ae7a0de8c1114dbb99da0ad5f3_JaffaCakes118.exe windows:5 windows x86 arch:x86
440593db39902e575133eaa4a208722c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoCreateInstance
PropVariantChangeType
CoGetInterceptorFromTypeInfo
BindMoniker
CLIPFORMAT_UserFree
ws2_32
accept
WSACleanup
WSAStartup
WSALookupServiceNextA
listen
kernel32
LockResource
VirtualAlloc
ExitProcess
GetModuleHandleA
FindResourceA
GetStartupInfoA
EnumResourceTypesA
EnumResourceNamesA
Sections
CODE Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 448KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 692B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 592B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ