25d67e4d4ece3b5e6333284ccdad7f2c_JaffaCakes118 | Triage

Sharing

General

Target

25d67e4d4ece3b5e6333284ccdad7f2c_JaffaCakes118
Size

164KB
MD5

25d67e4d4ece3b5e6333284ccdad7f2c
SHA1

d5a8fd7779556cde1017ca0ed971265b4c0fa976
SHA256

392d453e27d3a8b1ae1734e129591e6f73f4e1b2b552d36cc400689d18f028ae
SHA512

4266aa5e0505948aae94be20b475a3513306d877984a430a82b6dde8a535ff92dcd85b38eba73806e9ab6ed2fabc92bf2cba0735b7ea5eda48a7498e6b8af092
SSDEEP

3072:QoidSlWDyVEGigPojTGY4pgYKaTsd/HTLkJ3AujFHMWRTrdL2TR07Y:qSlBmGigPuSY4pjhTsBY6uBsEgSs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25d67e4d4ece3b5e6333284ccdad7f2c_JaffaCakes118

Files

25d67e4d4ece3b5e6333284ccdad7f2c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3028294a2a640be350b5a14cad2f5608

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

W:\UKlscvazlNw\oozubazk\ohmwrzxyxoppf.pdb

Imports

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_amsg_exit
_initterm
_ismbblead
_XcptFilter
_exit
_cexit
__setusermatherr
mbstowcs
__getmainargs

gdi32

SetLayout
PathToRegion
CreateEllipticRgnIndirect
StartPage
ScaleWindowExtEx
GetTextColor

user32

SetWindowPlacement
wsprintfA
GetMessageW
DefWindowProcW
SetWindowPos
ShowCaret
TrackPopupMenu

shlwapi

StrFormatByteSize64A
StrRChrW

kernel32

SetThreadExecutionState
GetExitCodeThread
SetThreadPriority
IsBadReadPtr
HeapFree
DeleteFileW

Exports

Exports

?GeometryTranslate@@YGHPADK|U

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 399KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE