4d5497a8f04de3af867b8489e3e6adf7_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d5497a8f04de3af867b8489e3e6adf7_JaffaCakes118
Size

96KB
MD5

4d5497a8f04de3af867b8489e3e6adf7
SHA1

4276c64de8b14ef50a5a1ff92721d36bb7e19b37
SHA256

118e65e7eb9c155aacae9b84155c9c786e6bbb6ee94619e4ad57d4c51af15df5
SHA512

a25e96012b11c9c68bb232e12562a2fc99c90e107cdefaada0d53ba0c59dd6292c6a6fce6226688cbab7ceff1d715d6ca1eb27a31e44217970fce2f65f1119b0
SSDEEP

1536:r9PaGIySdNOnxAQ849/95P6JtexxfpZLtlcZkeRsMaWaKB1y5:ZPajxQnmQ8mAkPLtlsphB4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d5497a8f04de3af867b8489e3e6adf7_JaffaCakes118

Files

4d5497a8f04de3af867b8489e3e6adf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

db93976da8924665673f840c96e3e5ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
ConsoleMenuControl
UnregisterConsoleIME
DeleteFileA
GetProcessShutdownParameters
GetNumberFormatA
EnumDateFormatsExA
RegisterWaitForSingleObjectEx
GlobalUnlock
Process32First
QueueUserAPC
GetPrivateProfileStructA
GlobalCompact
GetCommandLineA
GetStartupInfoA
ExitProcess
ReleaseSemaphore
SetFilePointerEx
GetCommMask
GetDiskFreeSpaceExA
GetConsoleCommandHistoryA
GetThreadTimes
VerifyVersionInfoA
ReleaseMutex
GetCommMask
AddAtomA

Sections

.itext
Size: 4KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA