28ba428deda9da90e5b114d727266477_JaffaCakes118

General

Target

28ba428deda9da90e5b114d727266477_JaffaCakes118
Size

2.6MB
MD5

28ba428deda9da90e5b114d727266477
SHA1

3b42b87b08ac1aef4baf8c63d8f99085fb8aa1d6
SHA256

2795807c8d487ef86cf215ae19768dd0e1bca82204ca1bd5bef2d815d8a74855
SHA512

ab6fe14efa3fa9fe42850cec1d00d87e694a27c05de240615cefdce8910f7577dde6619a03a59c1d7ae24cef5bbd1d417bdfb68e4aee710ceb45e5b5a2d3cade
SSDEEP

49152:6IXlxVgUgxJTbbsHiVB6r0niam1v8W6w8+5dVmlvtOrLBzTzCDbe8h+EPa69BUtp:fXlxVgFsHiVB7m1fp5OOJTzCbe8hu8BK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28ba428deda9da90e5b114d727266477_JaffaCakes118

Files

28ba428deda9da90e5b114d727266477_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea80a08b17c2e9e3be3852561b2478de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
GetProcessVersion
lstrcmpiA
ResetEvent
WriteFileEx
SetProcessAffinityMask
GetSystemTimeAdjustment
ExpandEnvironmentStringsA
GetTapeStatus
CompareFileTime
FindNextVolumeA
TlsAlloc
GetConsoleCursorMode
OpenProfileUserMapping
SetEndOfFile
ReadConsoleOutputCharacterA
SetConsoleMode
RegisterWaitForSingleObjectEx
SetFilePointer
FindFirstVolumeMountPointA
DeleteAtom
GetCommandLineA
GetStartupInfoA
ExitProcess
LocalLock
SetLastConsoleEventActive
SetProcessAffinityMask
GetNumberOfConsoleMouseButtons
lstrlen
RegisterConsoleOS2
RequestWakeupLatency
InitializeCriticalSectionAndSpinCount
GetBinaryTypeA
GetProcessTimes
SetProcessAffinityMask
FileTimeToSystemTime
GetStartupInfoA
GlobalLock
DeleteTimerQueueTimer
FileTimeToDosDateTime
GetCommState
ReadConsoleA
GetUserDefaultUILanguage
GetHandleInformation
UnregisterWaitEx
DnsHostnameToComputerNameA
ReadConsoleOutputA
CloseProfileUserMapping
SetHandleCount
GlobalUnlock
GetComputerNameA

Sections

.xcode
Size: 4KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea80a08b17c2e9e3be3852561b2478de

Headers

File Characteristics

Imports

kernel32

Sections

.xcode Size: 4KB - Virtual size: 2.6MB

.idata Size: 2.5MB - Virtual size: 2.5MB

WEIJUNLI Size: 2KB - Virtual size: 3KB

.rsrc Size: 16KB - Virtual size: 20KB

.xcode
Size: 4KB - Virtual size: 2.6MB

.idata
Size: 2.5MB - Virtual size: 2.5MB

WEIJUNLI
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 16KB - Virtual size: 20KB