4572918a1b50d5e3246f1007aabb8153_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4572918a1b50d5e3246f1007aabb8153_JaffaCakes118
Size

96KB
MD5

4572918a1b50d5e3246f1007aabb8153
SHA1

0344b6e0e6d0451a08132df696f554d855ace007
SHA256

8a8bcf1cfc081aac7a07c1f4aec2c0bf242d4edda73da3d07afa2a113dc201c5
SHA512

35b9d888614aacff7d6b6fd5ddffeb3750fb2e9d8731d8b3bfb07b2f654a2c397b5e18cbb2cd1fa02fb71d141f7a0423e16428647d85c9411557746d89ce8b86
SSDEEP

1536:vwnmkHEfEusPtQvYCeYEBSRyKsYTV0W0IcAm4vrPoWfU4WC3XM7W836FG9mOBWly:vwnbHEfEusPivrehSAKsYTWuzvrQ4WAe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4572918a1b50d5e3246f1007aabb8153_JaffaCakes118

Files

4572918a1b50d5e3246f1007aabb8153_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3c892842e05dc0da7568ead564074e0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
AreFileApisANSI
SetConsoleScreenBufferSize
EnterCriticalSection
SetSystemPowerState
LocalFileTimeToFileTime
QueueUserAPC
GetStartupInfoA
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ