25185f208fcacd700a983cdf6faad261_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25185f208fcacd700a983cdf6faad261_JaffaCakes118
Size

92KB
MD5

25185f208fcacd700a983cdf6faad261
SHA1

1e7454285201ee18cd9d70af2fdf9f45a3897a84
SHA256

117d9256f11ce63a48579281c6bec47f71e2a22e92d65bd84ac0d8d917c2cb98
SHA512

1973fb7f6c8499941ef872a89d2761a3f2dadffabf89ecb6a8e0decb72196d5f648a271845b6798e8e89a6eed6bee8ade639bae794a90bb26dfc978dac41afb6
SSDEEP

1536:xcjwOUFVjGNstIChbS3lUGuI8x71tqPPk3jX4Rq4+Fm4o+smBAC:OoFVKNChbSVy9tcPk3bK7+4p0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25185f208fcacd700a983cdf6faad261_JaffaCakes118

Files

25185f208fcacd700a983cdf6faad261_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ecf2f92a19afb83e13c1881d491ecb3c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
GetPrivateProfileStringA
CreatePipe
ResetWriteWatch
SetConsoleCtrlHandler
Toolhelp32ReadProcessMemory
GetConsoleTitleA
GetSystemDirectoryA
GetLogicalDrives
ExitThread
SetConsoleCtrlHandler
lstrlenA
GetDefaultCommConfigA
SetTimerQueueTimer
GetConsoleAliasExesLengthA
RaiseException
GetCommandLineA
GetStartupInfoA
ExitProcess
MapViewOfFileEx
GetThreadTimes
BackupRead
FindNextChangeNotification
CreateTimerQueue
GetNamedPipeInfo
UnlockFileEx
_lcreat
GlobalFix

Sections

WEIJUNLI
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ