5307286bff1c233370e33c21482c7668_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5307286bff1c233370e33c21482c7668_JaffaCakes118
Size

2.0MB
MD5

5307286bff1c233370e33c21482c7668
SHA1

0554829ed81b31c26c830507fadb56fff5843dcc
SHA256

0a2cd5ee39451b42e1e7116d7cb08f8cc1417a97e11abe21dd85dc27d589c52a
SHA512

9c9ab3347d721d533d7c681446308b46ea5f2a8ba2f3e9add2e26288946a563e74c2ad34a201c6e6c64078deba35d2246a6ddb3d84dc2dea188ace397e41cb10
SSDEEP

49152:QStSExv0HO4B0ZfI1vaRCrjJ7y1JDQJHOC7oULmuE:QgNiF3la49y1BSOC7oU6n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5307286bff1c233370e33c21482c7668_JaffaCakes118

Files

5307286bff1c233370e33c21482c7668_JaffaCakes118
.exe windows:4 windows x86 arch:x86

77d1fb41a3e0a839936c3064a217bf1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

WSAStartup
socket
gethostbyname
htons
connect
send
closesocket
WSACleanup

kernel32

FreeConsole
SetErrorMode
GetStartupInfoA
GetModuleHandleA
GetConsoleWindow
CreateThread
CreateFileMappingA
GetLastError
GetTickCount
lstrlenA
lstrcpyA
lstrcatA
LoadLibraryA
GetProcAddress
SetConsoleTextAttribute
GetStdHandle
AllocConsole
GetVolumeInformationA
GetTempFileNameA
GetModuleFileNameA
GetTempPathA
CreateProcessA
Sleep
SetFileAttributesA
GetDriveTypeA
GetLogicalDriveStringsA

user32

ShowWindow

msvcrt

_controlfp
_strdup
fread
__set_app_type
__p__fmode
__p__commode
sprintf
fclose
ftell
fseek
fopen
_unlink
calloc
_except_handler3
malloc
fwrite
fputs
setvbuf
_iob
_fdopen
_open_osfhandle
strlen
strcat
rand
strcpy
strstr
strrchr
strcmp
memset
strtok
srand
__argv
__argc
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv

Sections

.bss
Size: - Virtual size: 47KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE