48141b6c54c2240fffc0d8fe76612992_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

48141b6c54c2240fffc0d8fe76612992_JaffaCakes118
Size

92KB
MD5

48141b6c54c2240fffc0d8fe76612992
SHA1

19de03103450e52e06a746c942b134c67a28cff5
SHA256

05ce2f0fd65f520b62763db819121647a0af9b193995986b37e9d611fe032e9e
SHA512

42fe6c502246371f9f96fa3564b2cafaceaf4db04c9dda0d12ca961a0820d06ea6496a7baaf3405ba6044427435e60e2cba8ba93540d8e90c95eb52f885a5db9
SSDEEP

1536:t265Ety9efcXJZzgZNa/SYNlTxNe6cihhZAdBbe/cgNF4miBt6Pb8FN0741:rwf1U/lTxI6ciRAdBDgbPb8FNV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
48141b6c54c2240fffc0d8fe76612992_JaffaCakes118

Files

48141b6c54c2240fffc0d8fe76612992_JaffaCakes118
.exe windows:4 windows x86 arch:x86

50f9847085b53c2e64bba591c5509aab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
WriteFile
RegisterWowExec
DuplicateConsoleHandle
UnregisterWait
ExpungeConsoleCommandHistoryA
SetCommState
SetTapePosition
GetBinaryTypeA
DelayLoadFailureHook
ConvertThreadToFiber
SetDefaultCommConfigA
QueryPerformanceFrequency
GetNamedPipeHandleStateA
HeapSummary
GetCommandLineA
GetStartupInfoA
ExitProcess
IsBadHugeReadPtr
GetPrivateProfileSectionA
RequestDeviceWakeup
EnumSystemLanguageGroupsA
LocalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
CreateThread
VerifyConsoleIoHandle
FoldStringA
GetCommState
WaitCommEvent
Beep

Sections

WEIJUNLI
Size: 4KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ