28afc76325f71571d467fb1ab439195a_JaffaCakes118 | Triage

Sharing

General

Target

28afc76325f71571d467fb1ab439195a_JaffaCakes118
Size

17KB
MD5

28afc76325f71571d467fb1ab439195a
SHA1

c567d0806e7a5d9d2a08295dfcef5858c3d985d8
SHA256

1ec4bd5fb05c1186b39d25182d0588970a5b0654c7025282437e45724e1fc6d8
SHA512

58c3976fb9f7518fee50f487f396494263368e41eba4a7c6dc4cc54de12d74b4c4cca3a6ef0772c337df0fbb60fd6405ebeebaae4a0d03dca590306a5d85d2e9
SSDEEP

192:kelAyvImWnanR1KGvnn+tmOyodWVOzvk/3k5Wf4GIN1P410BaV/UD6dfnX:koA+z3R1pv8yYWVOzvk893lBaV/ucX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28afc76325f71571d467fb1ab439195a_JaffaCakes118

Files

28afc76325f71571d467fb1ab439195a_JaffaCakes118
.exe windows:1 windows x86 arch:x86

41db50321d43c05b28f35bd8757d1595

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wsock32

TransmitFile
getsockopt
gethostname
WSACleanup
htonl
bind

msvcrt

??_Fbad_typeid@@QAEXXZ
?terminate@@YAXXZ
??3@YAXPAX@Z
_CIasin
??_U@YAPAXI@Z

Sections

.text
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE