25ec89016042ef6b95aaf957eeb0f07d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25ec89016042ef6b95aaf957eeb0f07d_JaffaCakes118
Size

274KB
MD5

25ec89016042ef6b95aaf957eeb0f07d
SHA1

b16151c7488a2e9d4ac7dfaeef661292379db8c3
SHA256

7990683044aa7c061d7d4abf71ad214d2d72d6bf72bc44faa0490cc59acbcad5
SHA512

f0455b5a75f8e3e6fbabf2fb0994d1a29ea4b52e217f4e5c64820f733bb91ae257e7a311a2bd0105f4f2accd0e87c66d9776177fadb9e153a28b6bbc6c7cbc94
SSDEEP

6144:esvYeIKKywFyeVVYMKAArXUsDpcuhaCF4y3bl7LH2N7ezDmR:7vYeIIwFNzsrOhCF4cl7LWNQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ec89016042ef6b95aaf957eeb0f07d_JaffaCakes118

Files

25ec89016042ef6b95aaf957eeb0f07d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c597ec798e1af40f5832651407266597

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameA
SetFilePointer
lstrlenA
ReadFile
WriteFile
GetCurrentThreadId
EnumResourceLanguagesW
FindFirstFileA
WideCharToMultiByte
EnumResourceTypesW
GetCurrentProcessId
FindNextFileA
CreateMailslotA
GlobalHandle
GetModuleHandleA
IsDBCSLeadByte
QueryPerformanceCounter
FindClose

oleacc

AccessibleChildren
CreateStdAccessibleProxyW

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ