25ac538a3b88c025768e41988fb45023_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25ac538a3b88c025768e41988fb45023_JaffaCakes118
Size

27KB
MD5

25ac538a3b88c025768e41988fb45023
SHA1

db4cd1985186188d1cad3bd1b461406ae034f515
SHA256

ffd1ef03005d7392999261ae7321e918ab4ee373b509f4ac26fe44495431b1a8
SHA512

765a0f22223f810a1a72fda1a4b3adcaea712ebcba9a91e39d83611826d81bcd70f00cdb2928c282b4945803c876e41ca9f5f9b14761f0968eff2515a716b697
SSDEEP

384:+GU3hUniTYH2px/Zpjry0eKxK1kEUG7iAUzcL0KzfAj0PhTmguzOL8YkpOWxtkWH:jQ/pfpCyK1kfG7iA95fNT9MO5ux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ac538a3b88c025768e41988fb45023_JaffaCakes118

Files

25ac538a3b88c025768e41988fb45023_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a1e1b25deeea6a70f4234237a85350ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleTranslateAccelerator
CoTaskMemFree
CoLockObjectExternal
OleSetAutoConvert
OleGetIconOfFile
BindMoniker
CoUnmarshalInterface
CoResumeClassObjects
OleLockRunning
OleRun
CoUnmarshalHresult
CoGetStandardMarshal
CoMarshalInterThreadInterfaceInStream

kernel32

IsDebuggerPresent
FlushFileBuffers
CreateFileMappingA
GetCPInfo
HeapFree
GetProcessAffinityMask
lstrlenW
lstrlenA
LCMapStringW
ExitThread
ExpandEnvironmentStringsA
VirtualAlloc
SetLastError
FindFirstFileA
GetUserDefaultLCID
WideCharToMultiByte
WaitForMultipleObjects
InterlockedIncrement
RtlUnwind
GetCurrentProcessId

user32

GetCursorPos
DrawIconEx
CheckMenuItem
PostMessageA
DispatchMessageA
GetWindow
TranslateMessage
ScreenToClient
IsWindowVisible
GetMenuCheckMarkDimensions
MessageBoxA
LoadAcceleratorsA
EndDialog

msvcrt

_initterm
_wctime
atol
_beginthreadex
__dllonexit
wcsncmp
strncat
_wcslwr
_splitpath

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ