25ae8519affd015dd9bc0dcdf9d5a11a_JaffaCakes118 | Triage

Sharing

General

Target

25ae8519affd015dd9bc0dcdf9d5a11a_JaffaCakes118
Size

840KB
MD5

25ae8519affd015dd9bc0dcdf9d5a11a
SHA1

6b415ea39d0296fbfc625a9d31c1e52c1df2173a
SHA256

1d41477efc7b920f587d8cb1f1dbb1d02b3adf001573fbe1b2b89b90159d799c
SHA512

08916666dcd7f8d16176e6786629dc79a618944d3a78feccf0dc3089cf0207678661a78a00328fdbc390647ad742c83aa739b06998ec022773cbed6f5db5a3b3
SSDEEP

12288:XeOuOdinAHTCWzER6bNq9pLQEJPBVyal7qju8ljavqBxsA7PlG2LPCFN5j5m:X3lAAeWIkbNaLPbVyFjDLQqtF+FN5j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ae8519affd015dd9bc0dcdf9d5a11a_JaffaCakes118

Files

25ae8519affd015dd9bc0dcdf9d5a11a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c958ae6b1c2c2a6b32395311d13e1af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
GetProcAddress
SetErrorMode
GetModuleHandleA
GetVersion
GetTickCount
GetCurrentProcessId
GetEnvironmentVariableA
FreeLibrary
LoadLibraryA
GetLastError
LocalAlloc
LocalFree
CreateFileA
CloseHandle
ReadFile
SearchPathA
Sleep
WaitForSingleObject
CreateSemaphoreA
OpenSemaphoreA
ReleaseSemaphore
HeapFree
HeapAlloc
VirtualFree
VirtualAlloc
GetModuleHandleA
GetVersion
GetModuleHandleA
GetProcAddress

user32

MessageBoxA

msvbvm60

__vbaVarSub

Sections

.text
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.protect
Size: 372KB - Virtual size: 370KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE