Static task: static1
Behavioral task: behavioral1
Sample: 2ab3dbdcdd8665ab66676d82834a689a_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2ab3dbdcdd8665ab66676d82834a689a_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2ab3dbdcdd8665ab66676d82834a689a_JaffaCakes118
Size: 96KB
MD5: 2ab3dbdcdd8665ab66676d82834a689a
SHA1: 6bf980a5e294092412acde289a894f2f89661915
SHA256: 8e6d6afe7b0830ab43814b51cb0f1224547ea48c7f0877384b1c06e072ca5c7d
SHA512: e5ae9ad65224f5c18d6f34abe6c24412250ce72905da777e9ff4a739f10d2cfc47e371de8749c8565c0e7fd07bae880319803731a899fad9c9c1746554c4dc28
SSDEEP: 1536:+G+MedphSCKe8Ie0RKGMLPfCkYkDyWEq3abJEAJnfv9tDwwhpYSx6Bsk9GW:n+MvIVkkloEq0R1zDwep1xMsk9GW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2ab3dbdcdd8665ab66676d82834a689a_JaffaCakes118
Files
2ab3dbdcdd8665ab66676d82834a689a_JaffaCakes118.exe windows:4 windows x86 arch:x86
5b2f181a347c1e48092d5f7ca4d0d1d6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
CloseHandle
VerifyConsoleIoHandle
FatalAppExitA
VDMOperationStarted
SetVolumeLabelA
WriteConsoleOutputAttribute
RegisterWowExec
GetComputerNameExA
GetDiskFreeSpaceExA
GetProcessAffinityMask
GetCommandLineA
GetStartupInfoA
ExitProcess
DisconnectNamedPipe
IsBadWritePtr
GenerateConsoleCtrlEvent
WriteConsoleOutputAttribute
SetEnvironmentVariableA
GetCompressedFileSizeA
ShowConsoleCursor
GetWindowsDirectoryA
GetConsoleNlsMode
ReadFileEx
SetTermsrvAppInstallMode
CreateIoCompletionPort
Sections
WEIJUNLI Size: 4KB - Virtual size: 96KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ