40cad6b21abe6a5b43f38042e2f40620_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40cad6b21abe6a5b43f38042e2f40620_JaffaCakes118
Size

92KB
MD5

40cad6b21abe6a5b43f38042e2f40620
SHA1

4e4e87b0d63efb9a4b423c1ceff5e19da204ed89
SHA256

dcff68ffb252d7d541d2ecf8fe81ec1cd5de20e4839359062c1257f101bae5c6
SHA512

e64a0633f1e07c90353a1010f3851c25937db6385167977744f45926f23b9a4f7164c13f6126b9d5b3222155a3f95b2e1bb05b1365031980c5566d4944a7459d
SSDEEP

1536:S6lSu2oUSBte41h48M2mgwGCOU6aIHZ7kbWtGpgbrFrqz7gBO:UvonBteydbw8U6aSBKWugdrq3g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40cad6b21abe6a5b43f38042e2f40620_JaffaCakes118

Files

40cad6b21abe6a5b43f38042e2f40620_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d5aa275639f1f24dcbc6e6f367ab30be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
LocalSize
SetEvent
SetConsoleMode
FreeUserPhysicalPages
GetConsoleAliasesA
QueryPerformanceCounter
GetNamedPipeInfo
GetFileInformationByHandle
GetThreadSelectorEntry
CreateIoCompletionPort
GetCommandLineA
GetStartupInfoA
ExitProcess
RegisterConsoleVDM
LocalFree
WritePrivateProfileStructA
SetConsoleHardwareState
SetConsoleWindowInfo
WritePrivateProfileStructA
ReadConsoleInputA
CopyFileExA
TerminateJobObject
QueryInformationJobObject
RaiseException
CopyFileExA
DeleteVolumeMountPointA
WriteConsoleInputA
GetConsoleFontInfo

Sections

.itext
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA