cf223ec21a499cad8d0645ad40225001_JaffaCakes118 | Triage

Sharing

General

Target

cf223ec21a499cad8d0645ad40225001_JaffaCakes118
Size

96KB
MD5

cf223ec21a499cad8d0645ad40225001
SHA1

e4dc53ec71bb1f00a47050289dbeb8313a1660f1
SHA256

05699029e2055d2518b22bb222f2c0173a33a169894330890059e889303404a4
SHA512

3ba2930f826b60cb7794d6bfbddb164d1d22978df335c2a3efc5d3581aa133388828d10d3d49a2fca3dd46a2a545c27d289a77d1346059c5ea8f15ca33824f6a
SSDEEP

1536:wwyEbWYPUYXGRwvX9U7ST9zG5MfQWuZLjTcolnzhKCK7JNrbkq7eLR1:wwy3YPUYXGm/9UGhKS4vZLfN4JNa1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf223ec21a499cad8d0645ad40225001_JaffaCakes118

Files

cf223ec21a499cad8d0645ad40225001_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57d380bef887514e050735f48ab0cfee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
SetFilePointer
SetEvent
GetLocaleInfoA
SetThreadExecutionState
SetThreadPriorityBoost
BackupRead
GetStartupInfoA
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ