3b84592899de72c0dcd63fc924a0d0f9_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b84592899de72c0dcd63fc924a0d0f9_JaffaCakes118
Size

92KB
MD5

3b84592899de72c0dcd63fc924a0d0f9
SHA1

ec98bc935f7e15c185dec92a6f1e2fd715c99324
SHA256

ac45185159bc20ede9e276105a6551a62032a39611144543932c1d7341bc4ba6
SHA512

f7c835efd15aba7eec0e34f0d07f718497c7f65d2379767bb28cb70077d015c71930b82ef58024cf283911fc961be38dff52721d4d94e904d8cd8d667de0522f
SSDEEP

1536:RVCs0geMF93vMiu6bdgtJRqSgrz2eeM/L5nXcjos3B6GN881I4Ho3eWJo+tZK:Rx0grHb7OybeOajosxU81RHeRtc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b84592899de72c0dcd63fc924a0d0f9_JaffaCakes118

Files

3b84592899de72c0dcd63fc924a0d0f9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e338dd9096e1df3b56968c55f6c49bf1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
SetConsoleCursorInfo
SetConsoleScreenBufferSize
VerLanguageNameA
SetMailslotInfo
IsValidCodePage
SetLocaleInfoA
SetConsoleCursorInfo
TlsFree
QueryPerformanceCounter
GlobalUnWire
GetConsoleOutputCP
RaiseException
EnumSystemLocalesA
OpenThread
RtlMoveMemory
FindFirstVolumeMountPointA
GetCommandLineA
GetStartupInfoA
ExitProcess
TlsAlloc
lstrcmpiA
FindCloseChangeNotification
GetShortPathNameA
WriteConsoleOutputAttribute
SetPriorityClass
LocalCompact
QueryDosDeviceA
FlushFileBuffers
EnumCalendarInfoA
SetHandleInformation
SetConsoleTitleA
OpenWaitableTimerA
_lclose
GetConsoleFontSize
GetCPInfo

Sections

.itext
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA