25af16742563ebf5b37cb8621d072511_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25af16742563ebf5b37cb8621d072511_JaffaCakes118
Size

17KB
MD5

25af16742563ebf5b37cb8621d072511
SHA1

77201b15d4fb2eb2de8687a6374abc94b2bb3591
SHA256

a63eb831db45f0d28a0f683af3305277fd0c1cc10202e0909ebc7d76d9ba735b
SHA512

21a70bc410523bcc9d0ff1777b1cdb90da2e686ef2bb83f0712db6ff09749af7a70828f991fa1079fe77d48dea62ac6076f341da5e3571165f6dc25291c627c3
SSDEEP

192:aEvdNV9vuByPcewvRdgZhcvhEcFz8umbiKz:ZvdNV9WUjcvhrybxz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25af16742563ebf5b37cb8621d072511_JaffaCakes118

Files

25af16742563ebf5b37cb8621d072511_JaffaCakes118
.exe windows:4 windows x86 arch:x86

374b20dd127b738056d129aaa36ae15d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetCurrentProcessId
TlsAlloc
GetUserDefaultLangID
GetCurrentProcess
GetCurrentThreadId
GetDriveTypeW
FreeLibrary
lstrcmpA
GetACP
IsDBCSLeadByte
lstrcatA
GetModuleHandleW
GetCurrentThread
VirtualAlloc
GetLogicalDrives
GetModuleFileNameA
GetSystemDefaultLCID
TlsSetValue
GetCommandLineA
TlsGetValue

user32

ReleaseDC
GetDC
RegisterClassA
GetActiveWindow
IsWindowVisible
GetSystemMetrics
GetFocus
GetForegroundWindow
GetClassLongA
CreateWindowExA
BeginPaint
GetWindowDC
GetWindowTextA
GetWindowLongA
GetWindow
UpdateWindow
ShowWindow
GetWindowTextLengthA
IsIconic

shell32

StrRChrA
StrCmpNIA
StrChrA
StrRChrIA
StrCmpNA
StrChrIA

secur32

GetUserNameExA
GetSecurityUserInfo
AddCredentialsA
GetComputerObjectNameA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ