25b4eac1477c5dad5611bc6a4b1e8960_JaffaCakes118

General

Target

25b4eac1477c5dad5611bc6a4b1e8960_JaffaCakes118
Size

174KB
MD5

25b4eac1477c5dad5611bc6a4b1e8960
SHA1

6512058f9c0abb312c50a171131ba3475868cf3c
SHA256

42527e90eed6bfc492a3077af6889b61cba78b24a138d5125fef03743dfa7a3f
SHA512

9eae3f389f76f0732e4f69932706765ff998a068ac8c79646fb2e2b4ba763c19ab5d22c907883b663968f4150518566e91e082d4d637eeaba4a2faea6bb31945
SSDEEP

3072:SoQu/6KcqP1BT67RUmSDt9ZP+V320yA4v6M3tgMDZ5KD/SIBy8SJFODTtfjrR:SVu/pc0T69NotnWo0yXhnDZwSII8SnsT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25b4eac1477c5dad5611bc6a4b1e8960_JaffaCakes118

Files

25b4eac1477c5dad5611bc6a4b1e8960_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ece82fa2c403820d8df51804a1e43487

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

RtlUnwind
IsValidLocale
IsDebuggerPresent
GetVersionExA
GetThreadPriority
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
GetCurrentDirectoryW
GetModuleHandleA
HeapFree
GlobalAlloc
GetCurrentThreadId
SetEndOfFile
LCMapStringW
SetupComm
WriteFile
GetModuleFileNameW
EnterCriticalSection
GetFullPathNameW
SetStdHandle
EnumResourceNamesA
WriteConsoleA
MultiByteToWideChar
GetProcessHeap
LCMapStringA
GetProcAddress
ExitProcess
GetCommandLineA
WideCharToMultiByte
TerminateProcess
ExitProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
EnumSystemLocalesA
HeapAlloc
CreateFileA
ReadFile
HeapSize
InterlockedDecrement
RaiseException
GetConsoleOutputCP
GetUserDefaultLCID
Sleep
HeapReAlloc
GetLocaleInfoW
GetLastError
GetCPInfo
GetCurrentProcess
WriteConsoleW
CloseHandle
IsValidCodePage
GetFullPathNameA

shell32

SHFileOperationW
SHCreateDirectoryExW
SHGetFolderPathW

rpcrt4

UuidCreate

user32

GetAncestor
MessageBoxW

Sections

.text
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ece82fa2c403820d8df51804a1e43487

Headers

File Characteristics

Imports

kernel32

shell32

rpcrt4

user32

Sections

.text Size: 145KB - Virtual size: 144KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 25KB - Virtual size: 25KB

.crt Size: 512B - Virtual size: 212KB

.text
Size: 145KB - Virtual size: 144KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 25KB - Virtual size: 25KB

.crt
Size: 512B - Virtual size: 212KB