Static task: static1
Behavioral task: behavioral1
  Sample: 25d184aa7cd4ae2206dc80096f5f2923_JaffaCakes118.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: 25d184aa7cd4ae2206dc80096f5f2923_JaffaCakes118.exe
  Resource: win10v2004-20240704-en
General
  Target: 25d184aa7cd4ae2206dc80096f5f2923_JaffaCakes118
  Size: 240KB
  MD5: 25d184aa7cd4ae2206dc80096f5f2923
  SHA1: 54c8bfb96fcfd6177d3c53e9573ded7895566e28
  SHA256: 75e90158241651de0b2856db8af36ce5ff450b1bb50c00bbc36e79cb26ba8665
  SHA512: 767793e54897072bce4bad875c7de2800d25f02027dba94751b3206f56a827c47f2d411d32100cb430aedf2867348ebb89017bd414979d9fc375251f0b355e48
  SSDEEP: 3072:LdLqokjkphLEPHzNuONsGLlR+RvsdNG6qYeyTZdNo7MJSNhN:5LqohLEPHNp8AG67NoQIN
Malware Config
Signatures
  Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
    resource: 25d184aa7cd4ae2206dc80096f5f2923_JaffaCakes118
Files
25d184aa7cd4ae2206dc80096f5f2923_JaffaCakes118.exe windows:4 windows x86 arch:x86
9f304e9a665e3238798c0b76ff87f956
Headers
Imports
  gdi32: BitBlt, CreateCompatibleDC, DeleteDC, GetObjectA, SelectObject
  kernel32: AddAtomA, CloseHandle, CreateMutexA, CreateSemaphoreA, ExitProcess, FindAtomA, GetAtomNameA, GetCommandLineA, GetLastError, GetModuleHandleA, GetStartupInfoA, InterlockedDecrement, InterlockedIncrement, OpenProcess, ReadProcessMemory, ReleaseSemaphore, SetLastError, SetUnhandledExceptionFilter, Sleep, TlsAlloc, TlsFree, TlsGetValue, TlsSetValue, WaitForSingleObject, WriteProcessMemory
  msvcrt: __getmainargs, __p__environ, __p__fmode, __set_app_type, _assert, _cexit, _iob, _onexit, _setmode, abort, atexit, fflush, fprintf, free, malloc, memset, signal, sprintf, strcmp
  shell32: ShellExecuteA
  user32: BeginPaint, DialogBoxParamA, EndDialog, EndPaint, FindWindowA, GetAsyncKeyState, GetCursorPos, GetWindowRect, GetWindowThreadProcessId, LoadBitmapA, ReleaseCapture, SendMessageA, SetTimer, SetWindowPos
Sections
  MEW: Size: 236KB, Virtual size: 236KB
    Flags: IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE