29dc29835ccc242c1851f2b586b3ee5c_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29dc29835ccc242c1851f2b586b3ee5c_JaffaCakes118
Size

96KB
MD5

29dc29835ccc242c1851f2b586b3ee5c
SHA1

29c50e61d8f69b99e6c27a063497aef95f8034c0
SHA256

6de4e0982b2ab3e3ef584e0cd50abee0ddbdcd0bb79219c779fbb917b41f208f
SHA512

9d9a95bf4a6d29f79d52088dbc07d8882f77169fd259a7ad945c797b2629ca49045cbc7eca35dd7d789bdb621ea8dfea89690e1d02102ed66b180b5feafb9c99
SSDEEP

1536:17Z4poWyMxPD5L0i/lwWS+kkOOPS5hre4l9NNW7ESNK9ZjPVpQXC:tbC9L0s2TZtjbW7EIAVVpQXC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29dc29835ccc242c1851f2b586b3ee5c_JaffaCakes118

Files

29dc29835ccc242c1851f2b586b3ee5c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea10d12692cfaf197cebbad430dbbf76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
RegisterWaitForInputIdle
DuplicateConsoleHandle
WaitForSingleObjectEx
GlobalMemoryStatus
SetUnhandledExceptionFilter
ExitThread
MapViewOfFileEx
GetConsoleDisplayMode
GetStartupInfoA
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA