Static task: static1
Behavioral task: behavioral1
  Sample: 3e1038d7ed2fa1c8611f3bb1d488c135_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 3e1038d7ed2fa1c8611f3bb1d488c135_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
General
Target: 3e1038d7ed2fa1c8611f3bb1d488c135_JaffaCakes118
Size: 92KB
MD5: 3e1038d7ed2fa1c8611f3bb1d488c135
SHA1: 7719d800193250d1a8799d0c07b82d7c3050bdf2
SHA256: 751351526df4406b35cb5a7d27e0ada99d10394205103e0a199eb5a00546aa04
SHA512: b8726a8b86c45dc6eed503fd4bd339f8b44a5ad8eb917a624b615a41e4b85bf2e5cf18244bedb7428e1597cc9eb1958f7914f8e7788771401a50961d25aa9ae9
SSDEEP: 1536:WyDGfAxpbB5zFVWRvJvo6HcPekL/Qae3x/pdk86hBbmPZhezwjAtwBKPIOzz:lxXZF8HIVQ33xbk86hBUesEwGIOf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3e1038d7ed2fa1c8611f3bb1d488c135_JaffaCakes118
Files
3e1038d7ed2fa1c8611f3bb1d488c135_JaffaCakes118.exe windows:4 windows x86 arch:x86
2b035b42e2ff7b2cc0076d0edd307e6d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
CloseHandle
FlushConsoleInputBuffer
WriteConsoleOutputA
FormatMessageA
ReadFileScatter
HeapSize
GetCommMask
GetOverlappedResult
CloseProfileUserMapping
LoadLibraryA
GetTapeStatus
LocalFileTimeToFileTime
GetCommandLineA
GetStartupInfoA
ExitProcess
TlsGetValue
SetProcessShutdownParameters
AddConsoleAliasA
ReadFileEx
GetLocalTime
SetLocalTime
GetConsoleOutputCP
OpenFile
GetBinaryTypeA
UTRegister
CreateFileA
lstrlenA
DebugBreak
GetDefaultCommConfigA
VerifyVersionInfoA
Sections
WEIJUNLI Size: 4KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.date Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ