25405e254ae646aeb1e60ed3c81fd8f5_JaffaCakes118 | Triage

Sharing

General

Target

25405e254ae646aeb1e60ed3c81fd8f5_JaffaCakes118
Size

51KB
MD5

25405e254ae646aeb1e60ed3c81fd8f5
SHA1

bdcd4c1e873feae2be2fa1e787e35ad907e66889
SHA256

7d6c3ff64587964f5750efbb58569bbdf824a2650f97b3d744fd29251e941984
SHA512

8c7c7a5e4885f701b411d1d7245291c1e0d0944ca956c24bfb390428018884ea25743f044b505c6c400e9c10e6a8988b6d33942184181277f069279486ef9787
SSDEEP

768:ZNxxf04EjEUeRCMhJGMCU/9pYjPHhF9Y+o9Qdk/k2DFAVfeV7gc0POmzCFywusLN:JfUGCM6MCUViBAps6F710mcUVuM+g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25405e254ae646aeb1e60ed3c81fd8f5_JaffaCakes118

Files

25405e254ae646aeb1e60ed3c81fd8f5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4064c1353ec3507087baf74f6550286b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
IsProcessorFeaturePresent
OpenProfileUserMapping
SetCriticalSectionSpinCount
SetCurrentDirectoryA
TlsGetValue

user32

CharPrevA
CreateDialogParamA
GetPriorityClipboardFormat
GetTabbedTextExtentA
GrayStringW
MessageBoxIndirectW
RegisterDeviceNotificationA
SetProcessWindowStation
ValidateRgn

shell32

CheckEscapesW
FindExecutableW
SHGetSettings
SheChangeDirExA
SheRemoveQuotesW
SheShortenPathA
ShellExecuteEx

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE