4646a18ac2b5d9be9e269c9a59d032cc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4646a18ac2b5d9be9e269c9a59d032cc_JaffaCakes118
Size

69KB
MD5

4646a18ac2b5d9be9e269c9a59d032cc
SHA1

31af81b6bf30d773ff9be3e51b33484390296e88
SHA256

77ae025a01946271f47152abf4648139da23596b0754070f04346f99147b6ffc
SHA512

32fc22f9090714771b9f9274c5dae76ab60effb06df268dd2da4ea5948bdcca7a6101c099a1cc6db1c986036535aa09ae348998c0da6486f54dd73a986f48e39
SSDEEP

1536:eFjcWzVjjxDNpXCZziPHGVRpz62brGB/3bsZiZF8otV1B8u:eFQWzVjjxDfX0iPmhz62brG128v9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4646a18ac2b5d9be9e269c9a59d032cc_JaffaCakes118

Files

4646a18ac2b5d9be9e269c9a59d032cc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24d5c97181b9845f4e4533aeb8b5780e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
CancelDeviceWakeupRequest
_lcreat
GetConsoleCP
ConvertThreadToFiber
GetConsoleCP
SetConsoleMaximumWindowSize
GlobalFindAtomA
GetProfileIntA
FindNextFileA
GlobalAlloc
IsSystemResumeAutomatic
GetNumberOfConsoleFonts
CommConfigDialogA
HeapDestroy
GlobalFree
InitializeCriticalSection
ConvertThreadToFiber
GetThreadContext
GetCommandLineA
GetStartupInfoA
ExitProcess
SetConsoleFont
GetConsoleCursorMode
Sleep
GlobalAlloc
ConvertDefaultLocale
GetFileAttributesExA
CreateThread
SetTimerQueueTimer
CancelDeviceWakeupRequest
UpdateResourceA
EraseTape
CopyFileExA
GlobalAddAtomA
GetNumberOfConsoleMouseButtons
ExitVDM
ReleaseMutex
GetConsoleAliasExesLengthA
FileTimeToSystemTime

Sections

.xcode
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 46KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ