25636827f712665c1a37a4b256955c42_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25636827f712665c1a37a4b256955c42_JaffaCakes118
Size

10KB
MD5

25636827f712665c1a37a4b256955c42
SHA1

a98713a7c24a28b786e479cc6e226185d9873ebb
SHA256

237d6d457b1fb07671aca70e599997dd7bda7dd0d2df902bddb3f09fa38c8812
SHA512

7603b387fc952d3c3887cb5ef7e731b8e9cdcf320d7a328da092f20e8d27492583f516c84987e7eea03caa7c60328c7c4b42015347c6336f3ac11dd38948e8af
SSDEEP

192:iSXDXfPdh2oCd47G/BEuKl7CdaIINsoQlcM7wY5SkOkv7drohuM9Y+3H8HRRb:iJMOpdpOsouzTSkOk5roKiHsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1031-9b77e2b7937e1913bf225578d4621a4e5f343024

Files

25636827f712665c1a37a4b256955c42_JaffaCakes118
.gz
1031-9b77e2b7937e1913bf225578d4621a4e5f343024
.exe windows:5 windows x86 arch:x86

fb9a1c296341f698de79ccb03cce3a83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenEventA
ReleaseMutex
GetModuleHandleA
CreateFileA
LoadLibraryA
OpenMutexA
GetProcAddress

user32

CloseWindow

gdi32

CreateBitmap

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 97B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ