25b49954285b6bbee3e443fcde28a2b3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25b49954285b6bbee3e443fcde28a2b3_JaffaCakes118
Size

274KB
MD5

25b49954285b6bbee3e443fcde28a2b3
SHA1

7d2a532f94466389c28707e45e5fd89e85ed3d6f
SHA256

7884dfc19b4073f2a4688f4521c9b9895cbdafad6835955d7ff27747da542d08
SHA512

edd046e0977dd2d1c5738e520bd9487ba52c06c1234d2e28ced95acde7c08a17072fd613827403b34d5b4a55300c0d66faf5808d0d9868dbdc23788f249d895b
SSDEEP

6144:JaXELi1zMzX1EQEVYj0vdiwDizTX4lzE7tSoGWXGoCk7O:QXELi+eXVYjnCEX4dE7O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25b49954285b6bbee3e443fcde28a2b3_JaffaCakes118

Files

25b49954285b6bbee3e443fcde28a2b3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20d4b80f13b32464155c1ecbe2c71b73

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
LoadLibraryA
HeapReAlloc
GetStdHandle
GetModuleHandleA
CloseHandle
GetTickCount
FindAtomA
VirtualProtect
WaitForSingleObject
GetProfileIntA
TlsGetValue
CompareFileTime
GetConsoleCP
TlsFree
HeapWalk
GetAtomNameA
GlobalUnlock
lstrlenA
GetACP
InterlockedExchange

user32

EnableScrollBar
LoadIconA
UpdateWindow
GetDlgItem
CreateCaret
DispatchMessageA
GetWindowTextA
PostMessageA
InflateRect
EqualRect
SetWindowPos
GetKeyboardLayout
InsertMenuA
MessageBoxA
PaintDesktop
CopyRect
ModifyMenuA
SetPropA
GetMenu
ShowWindow
TranslateMessage
SubtractRect
DialogBoxParamA
DestroyMenu
GetMenuStringA

msi

MsiDoActionA
MsiGetMode
MsiCloseHandle
MsiEnumClientsA
MsiEnumProductsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 592KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ