2bab5728370e01926fce5d70775ffb22_JaffaCakes118 | Triage

Sharing

General

Target

2bab5728370e01926fce5d70775ffb22_JaffaCakes118
Size

92KB
MD5

2bab5728370e01926fce5d70775ffb22
SHA1

44252c1325952a1ca84c89816b2cd9069a8c7ae3
SHA256

1d4b6fbb46c4ff79a098c48a125f3fbda7601f095a07e2490967010dabf087ab
SHA512

301a365573c2044a06a9dcd9edb3d027ae7dbfbd2ca752fef612961b87386879e6c9918d10e7312b61d7c6c78d4851b48b346f90e2ed2dc5a25151821e0886d1
SSDEEP

1536:1WiGNyEg+SRUqoHBWYEy9PN/1T0Ok7K/kpFzHF2r5q:1WiPEFMonEy/l0ZZF2d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bab5728370e01926fce5d70775ffb22_JaffaCakes118

Files

2bab5728370e01926fce5d70775ffb22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa0463aaefc37fa8e7b600c90d565ecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
RegisterWowBaseHandlers
OpenThread
UnmapViewOfFile
GetStringTypeExA
DosPathToSessionPathA
CreateIoCompletionPort
FindFirstFileA
GetAtomNameA
SetThreadContext
GetThreadSelectorEntry
lstrcmpA
GetCommandLineA
GetStartupInfoA
ExitProcess
WriteFile
CreateTapePartition
DeleteCriticalSection
GetConsoleCommandHistoryA
FindAtomA
WriteFileEx
GetWindowsDirectoryA
FlushFileBuffers
TransmitCommChar
CopyFileExA
GetConsoleCharType
GetConsoleDisplayMode
lstrcmp
FreeConsole
TerminateJobObject
CmdBatNotification

Sections

WEIJUNLI
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ