25e11930e1a06e2824baf7672255601b_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25e11930e1a06e2824baf7672255601b_JaffaCakes118
Size

11KB
MD5

25e11930e1a06e2824baf7672255601b
SHA1

0fae16cb16554d72284c17eac03c996892468754
SHA256

dc9bbbe90507208afc69dff2e833b81685e1cda1ac0c56d7494ebd93e2267750
SHA512

66ed7d121d4d7f19446799c95fe599c02ee6db4d6823d2b6384c57d5326a164a712eb13d3de61566654ec5cbf72cd629c27409d008ad50a96b0c540c98daf516
SSDEEP

192:fru0M1rBXlTK79u/KHmmIw2ElI5EQFIOUz/acsDY6otDLQke:St1TKpuCGmI6l6F7UhaEDLQke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25e11930e1a06e2824baf7672255601b_JaffaCakes118

Files

25e11930e1a06e2824baf7672255601b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f4ca4b6ce6014fbd7b988762ae004cc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
MoveFileExA
CopyFileA
GetModuleFileNameA
GetModuleHandleA
GetSystemDirectoryA
GetTickCount
CreateThread
ExitProcess
GetLastError
CreateMutexA
DeleteFileA
lstrcmpiA
CloseHandle
WriteFile
CreateFileA
CreateProcessA
WaitForSingleObject
lstrcatA
lstrlenA
GetCurrentThreadId
Sleep

user32

MessageBoxA
wsprintfA
GetMessageA
PostThreadMessageA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyA
RegQueryValueExA
RegOpenKeyExA

msvcrt

fgets
fopen
_itoa
fclose
rand
srand
time

ws2_32

gethostbyname
gethostname
WSAStartup
inet_ntoa
WSACleanup

Sections

.data
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE