25c59ce1980ce07506642c81322d9a51_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25c59ce1980ce07506642c81322d9a51_JaffaCakes118
Size

195KB
MD5

25c59ce1980ce07506642c81322d9a51
SHA1

9dbcacd421d38f06dcb28aa3754767c8676076dc
SHA256

eb809a76ece86c2a74f99545adecf5281586dfdcbf87a32108f8c1652474dd53
SHA512

bd32b0c02c26bee7c9c01f5d6cb26283eb05b7aec06fe9245cb766c24cc8b2df3da56ad95d983f65cf84b4bfa2b97b4e903c962a894fe706f15670e85ac86b20
SSDEEP

6144:7OLbe4C/JEePssulpgu9Ks1yRCYsQQTJh1D9y:qLbe/JlE1lpgu/uCBrTj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25c59ce1980ce07506642c81322d9a51_JaffaCakes118

Files

25c59ce1980ce07506642c81322d9a51_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a179e3b46592fb4ed2c889b78989e81c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegSetValueExA

kernel32

FlushInstructionCache
MapViewOfFile
GetModuleFileNameW
FindResourceExA
EnumResourceNamesW
SetCalendarInfoW
FindFirstFileA
DuplicateHandle
UnmapViewOfFile
FindClose

shell32

Shell_NotifyIconA

winmm

timeEndPeriod

rpcrt4

NdrFixedArrayFree
UuidCreate

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 788B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ