28d82d0a0a7b880c7ae3bcdf00798ff8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

28d82d0a0a7b880c7ae3bcdf00798ff8_JaffaCakes118
Size

92KB
MD5

28d82d0a0a7b880c7ae3bcdf00798ff8
SHA1

b6d58b4f4e19f72022431303161123662bb0154d
SHA256

c904d2768b79ac0502301af6f7cf84b342a02763fc7fda4514f240126643e8b9
SHA512

e9156afc55679df6b4ea5dbe32a5a1292ecd765b3a780b218e0f071557f638a84b37441014cf3e97e36f5014820936aa9769dab9919f9996819d73f7a5e89e5b
SSDEEP

1536:+XVlWBqkzcr4TI6ZWxiFjmdECYT0PxZhLKnfigaDxrjoK:KHuqkcr0frSEfTaxZhLKfiVxrj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d82d0a0a7b880c7ae3bcdf00798ff8_JaffaCakes118

Files

28d82d0a0a7b880c7ae3bcdf00798ff8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

62813b0647642eb1ae99fd66e2f29f38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
SleepEx
DeleteTimerQueue
BackupSeek
GlobalUnlock
GetConsoleAliasA
LocalFileTimeToFileTime
SetFileAttributesA
IsBadStringPtrA
RegisterConsoleIME
GetPrivateProfileStringA
RtlMoveMemory
lstrcpyA
lstrcpynA
CreateIoCompletionPort
GlobalDeleteAtom
EnumCalendarInfoA
GetCommandLineA
GetStartupInfoA
ExitProcess
TerminateJobObject
SetPriorityClass
TransmitCommChar
GetConsoleFontSize
HeapSummary
_llseek
GlobalFlags
LocalShrink
SetTimerQueueTimer
Process32First
SetFilePointer
UTRegister
SetComputerNameExA
QueueUserWorkItem
FileTimeToLocalFileTime
SignalObjectAndWait
UpdateResourceA
EscapeCommFunction
UnlockFile
CreateFileA
UnmapViewOfFile
SetConsoleCP

Sections

WEIJUNLI
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ