25ef500597590109a67c11c6ffee8d51_JaffaCakes118 | Triage

Sharing

General

Target

25ef500597590109a67c11c6ffee8d51_JaffaCakes118
Size

77KB
MD5

25ef500597590109a67c11c6ffee8d51
SHA1

239d15913b46fff22baf2cfbc4852928332c62e4
SHA256

98df9769a5ac48b3970bae874b70f51c2726870156c62787e3ec0a85f46e6089
SHA512

fa9c7868806c8954dca81c83c15d7f4b340f9e249b15487c34be68387152e4bd7a2e35841a7fe702514fffcb93810f801a9bfb44fadd87ead74a9de23a6096c4
SSDEEP

1536:mk7VJKloelhNBiDkLcbkR0OjJjV1ATg15HYFs7Y9iwdPn:npJKlocXCkskRVlATa5N7YAK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ef500597590109a67c11c6ffee8d51_JaffaCakes118

Files

25ef500597590109a67c11c6ffee8d51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cd9efba2b7cf3aa89c43524d3009e943

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
ExitProcess
GetCurrentProcessId
GetLogicalDriveStringsW
GetUserDefaultLCID
SetFileAttributesW
VirtualAlloc
GetCommandLineW
GlobalFlags
SetEnvironmentVariableW
FindResourceExA
GetModuleHandleW

gdi32

SetBrushOrgEx
ResizePalette
SetBitmapBits
GetRegionData
SetTextJustification
GetTextMetricsA
CreateSolidBrush
CreateRectRgnIndirect
ArcTo
GetWindowOrgEx
ResetDCA
Ellipse
CreateFontIndirectA

activeds

ord25
ord23
ord20
ord5
ord13
ord3
ord15
ord6
ord26
ord27

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 102KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 102KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ