25a2cce8821fe7404626d723b60b90a6_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25a2cce8821fe7404626d723b60b90a6_JaffaCakes118
Size

42KB
MD5

25a2cce8821fe7404626d723b60b90a6
SHA1

f6af03c11f376c18b15702bb78619ba0cb8e69c5
SHA256

0c113575399286e8f64e83163689a79a1b89c272466ecffd1ce14f2a8f275d8d
SHA512

90852ba8c09d077282ff3e55a8a7f4d5e1aa56da2c84399c6a90c296eef09844ac42317de1e18e7755b9cb6d5a2ae29bacd37208a26a64cf467b1d6686bf2dbf
SSDEEP

768:wC5K/DUayoalogvbrSYjgbTL6kNd9kdtOkJ7/4UN8hpGeuteujZ9fEFJm:wC52t7QbmYcTL6gkZJ7/3NZ9fEC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25a2cce8821fe7404626d723b60b90a6_JaffaCakes118

Files

25a2cce8821fe7404626d723b60b90a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0871cdc9c3a155a55bdb43cb76dc5197

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

msvcrt

_controlfp

user32

DefWindowProcA

advapi32

RegCloseKey

shell32

ShellExecuteA

wininet

InternetGetConnectedState

ws2_32

WSACleanup

ole32

CoInitializeEx

oleaut32

SysAllocString

version

GetFileVersionInfoA

gdi32

GetDeviceCaps

urlmon

URLDownloadToFileA

Sections

.text
Size: 32KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE