464838f1dbb592faf70ae3003b24caf0_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

464838f1dbb592faf70ae3003b24caf0_JaffaCakes118
Size

11KB
MD5

464838f1dbb592faf70ae3003b24caf0
SHA1

8a13df8969b11bb303107bb9a870744f87c4b442
SHA256

cde75fa01f12c96e84fe04f950985a6198095b3977cb033aa510d1e4c3357675
SHA512

66cdfcd0e466c5fa8640d64b1e36d4d3432908dea10e2cbfc5d3f012d93414823d59cb315b06bff94c9522c770c4ccef2186e6c877290801224b04dff043d2fc
SSDEEP

192:crNAaGFYgPWQnnJ0b3DKAE6G7sa6Hor8Ebp+4V3ET0cvqGC1Ugehfu:cGFYgPhJ0bez7Hr7p5lz1Ku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
464838f1dbb592faf70ae3003b24caf0_JaffaCakes118

Files

464838f1dbb592faf70ae3003b24caf0_JaffaCakes118
.exe windows:1 windows x86 arch:x86

60b861faf7b48cebe41a527dee704e69

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

ExtCreateRegion
ExtFloodFill
FrameRgn
GdiGetDC

wsock32

WSASetLastError
WSAAsyncGetProtoByNumber
getservbyname
getsockopt
ntohs
rresvport

user32

CloseClipboard
CreateCaret
CreateDialogIndirectParamA
CreateMDIWindowA

msvcrt

wscanf
wprintf
wctomb
wcsxfrm
wcstoul
wcstombs

Sections

.text
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE