488fbb9feceaf6449de223044529385f_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

488fbb9feceaf6449de223044529385f_JaffaCakes118
Size

24KB
MD5

488fbb9feceaf6449de223044529385f
SHA1

f7c7a62afc28ec1a4be1c1350818a2263a8bca76
SHA256

b8efca5c4b219de1f4b1ba17d55b03d83c1e1f26c812a43eea7238dcad34b2b9
SHA512

05ee6344ed0ce7b651af1a584ab7854d44e3437f163c12cbfba86e618a088b464abf4da61a24056b301a552145220cf91b240ba045706a0ff95b313bac0f4741
SSDEEP

384:SMfjTI46Fi8UjqU87IvmI4uixuHcy99A71JEIYi4A771eWhSzfVxUR:bjE46Fi8UjlaIvmFgz071JZYi4Y74WwB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
488fbb9feceaf6449de223044529385f_JaffaCakes118

Files

488fbb9feceaf6449de223044529385f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0806335b45af175cea6d07765e307c17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
CloseHandle
SetFileApisToOEM
ReadConsoleInputExA
RtlUnwind
FileTimeToLocalFileTime
WriteConsoleInputA
VirtualFree
RequestWakeupLatency
UnhandledExceptionFilter
TransmitCommChar
CreateDirectoryA
MulDiv
CancelIo
ConvertThreadToFiber
SetConsoleNumberOfCommandsA
GlobalFix
GetProcessHeaps
GetLongPathNameA
ClearCommBreak
GetCurrentThread
SetConsoleDisplayMode
GetCommandLineA
GetStartupInfoA
ExitProcess
TerminateJobObject
FillConsoleOutputCharacterA
FreeEnvironmentStringsA
GetDefaultCommConfigA
DisconnectNamedPipe
GetPrivateProfileStringA
GlobalLock
GetTempPathA
IsValidCodePage
SetProcessAffinityMask
GetSystemPowerStatus

Exports

Exports

Iipxldbrs
Rkauarbt

Sections

WEIJUNLI
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.date
Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ