25e9e995841a1c2c9d32d1d2de982b32_JaffaCakes118

General

Target

25e9e995841a1c2c9d32d1d2de982b32_JaffaCakes118
Size

32KB
MD5

25e9e995841a1c2c9d32d1d2de982b32
SHA1

278f0da60a210f019dbddc30c08461e65c170cf1
SHA256

24cc8e2592014bf1e783606015926775c6975f0cacdd48d40e70358b5b2b8fdf
SHA512

5bc9dfea3e6ba74082a2089cd95a6e41f9186dd1e6d6e8e6485ef18f9c1a8de892af8e7c7dd45fe1257131d2419f566745b0cc85d1a274a28ef0ff8ecd6d623a
SSDEEP

768:we1MaVCpLklwYTxI0Y+quTbmCu+k+10d/DqlgJV9Nc2:QW7lwYTx0uy5fml6V9Nn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25e9e995841a1c2c9d32d1d2de982b32_JaffaCakes118

Files

25e9e995841a1c2c9d32d1d2de982b32_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd60aaa09358dfdbd0305368d482a4a2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
MapViewOfFile
ReadConsoleA
OpenThread
GetUserDefaultUILanguage
CreateToolhelp32Snapshot
CancelIo
RaiseException
RtlZeroMemory
RegisterConsoleVDM
DnsHostnameToComputerNameW
lstrcatW
GetConsoleKeyboardLayoutNameW
UnlockFileEx
SetConsoleTitleA
GetConsoleCommandHistoryLengthA
lstrcpyW
IsBadStringPtrA
lstrcpyW
HeapSummary
FindFirstChangeNotificationA
GetCommMask
FindResourceExW
CreateMailslotA

user32

SetPropA
SendNotifyMessageA
CharNextExA
GetClassNameA
CreateCaret
SetDoubleClickTime
GetUserObjectSecurity
GetIconInfo
GetAppCompatFlags2
ExcludeUpdateRgn
SetUserObjectInformationW
SetMenuItemBitmaps
IsHungAppWindow
GetClassInfoExW
IsCharAlphaW
InflateRect
OemKeyScan
MoveWindow
GetClipboardOwner
MapVirtualKeyExW
GetKeyState

shell32

ShellExecuteExA
StrStrIA
RealShellExecuteA
ShellAboutW
DoEnvironmentSubstW
ShellAboutW
StrNCmpIW
SheChangeDirA
OpenAs_RunDLL
DllUnregisterServer
SHBrowseForFolderA
SHFileOperationW

Sections

code
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 23KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cd60aaa09358dfdbd0305368d482a4a2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

Sections

code Size: 4KB - Virtual size: 20KB

data Size: 23KB - Virtual size: 28KB

idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 224B

code
Size: 4KB - Virtual size: 20KB

data
Size: 23KB - Virtual size: 28KB

idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 224B