25f5247c22dc0c69d377f85bb7d7182b_JaffaCakes118 | Triage

Sharing

General

Target

25f5247c22dc0c69d377f85bb7d7182b_JaffaCakes118
Size

156KB
MD5

25f5247c22dc0c69d377f85bb7d7182b
SHA1

467f6453b89137aa48efcb0e3a19d29bb18c4602
SHA256

09e82c3fbddd7d66bbff2df887c949618b55f4919ae74a467bde4eb543cdb648
SHA512

f3107a18a5601ac49a545e30721118563290ff7037744e996d6df880126ec81ca646b7fd6e338336b60983196a6f08b015ada92840a0c20c360e3f130af35f6a
SSDEEP

3072:O6f29WtOvHK9uA6sx9uuI5nCEAgxC7q3msfJHnwe:OHcES6sXNI5EiCs5fZnwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25f5247c22dc0c69d377f85bb7d7182b_JaffaCakes118

Files

25f5247c22dc0c69d377f85bb7d7182b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

.text
Size: 52KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE