3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118
Size

6KB
MD5

3ee5d418d109de62c1b9b020fbe8c114
SHA1

cf579457e63e9b605c73ee2e02861f38c172be7d
SHA256

12ce37ca74127b9855ab8eb56207d6b6c12010af1e871bb7748edade99ddac78
SHA512

bc5d0026dcd5b64af56e452d82e694bffb0288d566bbc8a7cee875997dbb38156a4f0c8b0ead344dc55573d659931d95c345c973aa208d942ae758feb29ef065
SSDEEP

96:mfLc98/bGspaxG2X78EIutt9Irs5h6u+u7A7TLcbDUDi55CRS:mfLc96naxPAitn5h6u+u7AWDUDYkRS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118

Files

3ee5d418d109de62c1b9b020fbe8c114_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c24c5bf2bbad1a8dd90cfddd281ee207

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep

wsock32

socket
ioctlsocket
htons
sendto
WSACleanup
WSAStartup
gethostbyname

msvcrt

rand
_XcptFilter
__p___initenv
_controlfp
printf
exit
perror
malloc
puts
atoi
__setusermatherr
_exit
_adjust_fdiv
_initterm
__getmainargs
__set_app_type
__p__fmode
__p__commode
_except_handler3

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE