25ffad6dae20a559727a43d165104e2a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25ffad6dae20a559727a43d165104e2a_JaffaCakes118
Size

61KB
MD5

25ffad6dae20a559727a43d165104e2a
SHA1

04976281d520f78af419efc544bd88c2e371a4c9
SHA256

7d840cff9c47a7e7a682dddc48e245b60be26acfc107eb3aa987c997371aec1f
SHA512

570a9e9dd0ca087d1ecf826f2e84e48b3847b9bcb4c471ff74418399c924a7b9651e291fa2f6c8de28955b11e8c23b231a85316a803c33170009b8d468b849c6
SSDEEP

768:0ZFvRiT/SRVo8KtmiDU2q+LhCfPRY9jjfcp84TRXhnBD5/d0bgUaf+Qgf:sMbGUtnVq+LhkJY1n4dXLFF0bQf4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ffad6dae20a559727a43d165104e2a_JaffaCakes118

Files

25ffad6dae20a559727a43d165104e2a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

9933ed44ce945bb30eb3ab6e1d8cd8d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SelectClipRgn
StretchBlt
AngleArc
PolyPolygon
TranslateCharsetInfo
CancelDC

crypt32

CertUnregisterSystemStore
CertSetCertificateContextProperty

kernel32

EnumResourceTypesA
MapViewOfFileEx
GetNamedPipeHandleStateW
GetLastError

actxprxy

GetProxyDllInfo

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rlpznlb
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 543B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ