2db8f7a7db473fcf43ba49dcf83a5aaa_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2db8f7a7db473fcf43ba49dcf83a5aaa_JaffaCakes118
Size

92KB
MD5

2db8f7a7db473fcf43ba49dcf83a5aaa
SHA1

26b453f9c24395da20b6188dff9f8a9af6451feb
SHA256

569581773e7d6cc0871dae0196329b931589fb626a07cb199747e1a017380abf
SHA512

4ed435e93a26deb9e57eaee61f3edb7b0f69d5d445e2e278ad02bb79acd3862470163ea76315ade8749b0f378f5c5295504b4a10609d60b5ada7cb92b31f5bf1
SSDEEP

1536:Z4MwhykOEsRIEj2H4k5FlAoBxEuZjkY5ujhOQEv4jY/mF6bfJx:Z4MwIEZ62Yk5Xar9jn6b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db8f7a7db473fcf43ba49dcf83a5aaa_JaffaCakes118

Files

2db8f7a7db473fcf43ba49dcf83a5aaa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7be09bc1bef6dc8e359da2e9f9bab094

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
lstrcmp
OpenSemaphoreA
SetConsoleOS2OemFormat
GetCommConfig
SetConsoleCursorInfo
QueryDosDeviceA
WritePrivateProfileSectionA
GetSystemInfo
QueryInformationJobObject
WaitForSingleObjectEx
DeleteTimerQueueEx
GetCommandLineA
GetStartupInfoA
ExitProcess
TlsGetValue
GetPrivateProfileIntA
GetFileSizeEx
CloseConsoleHandle
GetCommandLineA
SetCurrentDirectoryA
EnumCalendarInfoExA
FindNextFileA
_lclose
GlobalMemoryStatus
ReplaceFileA
GetPrivateProfileIntA
GetConsoleInputExeNameA
SetEndOfFile

Sections

WEIJUNLI
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xdata
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ