a925d62414b01dc67870362e80035856_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a925d62414b01dc67870362e80035856_JaffaCakes118
Size

169KB
MD5

a925d62414b01dc67870362e80035856
SHA1

fec6c372d528746bbe4bdb527ac0fd7e8f243c51
SHA256

1057141585ccdb425d7ff4095c7627d779de796ddc67b4aa72d575b93830bdb9
SHA512

1d8c34e2e5a5ce5b48b32e0f80d46b9147bffd13c48e384be28ecba3ae2505907521e2c278cbe2f3ca95cfb2837ad66423742f13fd75aaf021bcdc0fc2bb38c2
SSDEEP

3072:Ag5uiyuZcc8InomfyHkNdTIdOr485Kg9F0GmF4XHp:ABi/Zc1InomfyHCJIqx5KgrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a925d62414b01dc67870362e80035856_JaffaCakes118

Files

a925d62414b01dc67870362e80035856_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d1d07474527569356ea5f8ec68f6f185

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rtutils

TraceDeregisterW
TraceVprintfExA
TraceRegisterExW
TracePutsExA

avifil32

EditStreamSetInfoA

ole32

CoSetProxyBlanket
CLSIDFromProgID
CoGetDefaultContext
CoTaskMemRealloc
CoTaskMemAlloc
OleRun
CoCreateInstance
CLSIDFromString

netapi32

NetApiBufferFree
DsGetDcNameW
NetWkstaGetInfo
DsRoleGetPrimaryDomainInformation

user32

LoadStringW
wsprintfW
CharNextW
wsprintfA

kernel32

GetTempPathA
VirtualAlloc

Sections

.text
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ