2ba3db48bbbaa27e6d73ba38fd3f26bb_JaffaCakes118 | Triage

Sharing

General

Target

2ba3db48bbbaa27e6d73ba38fd3f26bb_JaffaCakes118
Size

92KB
MD5

2ba3db48bbbaa27e6d73ba38fd3f26bb
SHA1

cf10451f96853ba80260edae3229d82557102029
SHA256

4a83e7f397d735d9babea94c8b12faaf54f2838d767f9c0d270d277cdb818e01
SHA512

c9b79921d61be1c7ef9edf57866575955291d8e6edecd428e52ccbce635f8b88d7333bddd76de320e117bae6a4aeb0fce2e7b4ef2740279bcba175f1541ee287
SSDEEP

1536:rXu5TQPUWFRD9LLv+N1EnzUvFf6Alz+jLO5RUz+GzzwblV7O8:rXWkP3F7fpnQvFfTMamqGAb7O8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba3db48bbbaa27e6d73ba38fd3f26bb_JaffaCakes118

Files

2ba3db48bbbaa27e6d73ba38fd3f26bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6b2bc027e3a754b52ad9f346ccda62eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
OpenWaitableTimerA
LocalUnlock
ClearCommError
WriteFile
ConsoleMenuControl
GlobalUnfix
GlobalGetAtomNameA
GetVolumeInformationA
SetNamedPipeHandleState
BackupWrite
GlobalFindAtomA
GetCommandLineA
GetStartupInfoA
ExitProcess
GetNextVDMCommand
RemoveDirectoryA
OutputDebugStringA
LockFileEx
QueryPerformanceFrequency

Sections

WEIJUNLI
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ