4ba2a7749a50f76d2bc0a17eac9889b8_JaffaCakes118 | Triage

Sharing

General

Target

4ba2a7749a50f76d2bc0a17eac9889b8_JaffaCakes118
Size

96KB
MD5

4ba2a7749a50f76d2bc0a17eac9889b8
SHA1

dbc7cce46b7f438291f229b698c933d46262d967
SHA256

cf7c53b324c59103c36a620a8acbe881c8f7d3782e73bb60c4c3ce98ea2f31b1
SHA512

7a12db64e79af4f9cfc3652e61b367092bf98e1719515afa84be6f392aa3c32d5dd0a35a4d7ab9b578cfb0e2ab26efe47a0d9f42c197dbf778413753d891eac0
SSDEEP

1536:mumC66FPIu01tkchJMTrszm4rNy/sa5h/reKs6AeqtUcLrge9TUsr:mumCJSuCtBh+HszmYNyUqreb/gmB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ba2a7749a50f76d2bc0a17eac9889b8_JaffaCakes118

Files

4ba2a7749a50f76d2bc0a17eac9889b8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a81c56f787f1b5dc8ba1fac300292a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
UnlockFileEx
GetNamedPipeInfo
OpenJobObjectA
SetCommBreak
CopyFileA
GetThreadLocale
IsDBCSLeadByte
IsBadHugeWritePtr
FileTimeToDosDateTime
MapViewOfFile
InterlockedIncrement
GetNumberOfConsoleInputEvents
SetCommMask
GetAtomNameA
GetCommandLineA
GetStartupInfoA
ExitProcess
AllocateUserPhysicalPages
VDMOperationStarted
WritePrivateProfileStringA
IsBadWritePtr
TerminateJobObject
WriteProfileStringA
GetDiskFreeSpaceExA
GetVolumePathNameA
SetErrorMode
InvalidateConsoleDIBits
SetConsoleWindowInfo
WritePrivateProfileStructA

Sections

.itext
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA