Static task
static1
Behavioral task
behavioral1
Sample
25d14644f39fe89313d27a47a9fc515b_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
25d14644f39fe89313d27a47a9fc515b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
25d14644f39fe89313d27a47a9fc515b_JaffaCakes118
Size
106KB
MD5
25d14644f39fe89313d27a47a9fc515b
SHA1
09811e1d9c326cf059a5e0936851248f6cff14b0
SHA256
a0deec87b919b82c188e5e4b44e91c0fc8407f4c0ea38f2f3375363b577a7f58
SHA512
c77cfaa1dc4e7a072a779201631af1184b5593a030ac0d8d6ab18f9d66d5c2c220faa4fd2bc034a3e14d0d4a6e8d7c1bb60082cec96e478f979e5409649c7093
SSDEEP
3072:yFh2EWzetv3bo5Y4K1mX6O5czk6za/v7f3Me5KfFqd2rrz/B:yFh2EseFE5a1S5cQ/vrJojn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 25d14644f39fe89313d27a47a9fc515b_JaffaCakes118
Files
25d14644f39fe89313d27a47a9fc515b_JaffaCakes118.exe windows:4 windows x86 arch:x86
009d712e9d83bac91cebe8e0c694e0fb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
TranslateMessage
GetSystemMetrics
GetDC
GetDesktopWindow
CharNextA
GetParent
kernel32
QueryPerformanceCounter
GetSystemTime
lstrcmpA
RemoveDirectoryA
lstrcmpiW
GetCommandLineA
DeleteFileA
GetModuleHandleA
GlobalFindAtomA
lstrlenA
lstrcmpiA
CopyFileA
lstrlenW
GetWindowsDirectoryA
RemoveDirectoryW
FindClose
VirtualAlloc
VirtualFree
gdi32
SaveDC
CreateCompatibleDC
RectVisible
GetObjectA
GetClipBox
GetPixel
DeleteObject
SelectObject
LineTo
DeleteDC
SelectPalette
SetTextAlign
GetTextMetricsA
GetStockObject
SetMapMode
CreatePalette
SetTextColor
CreateSolidBrush
SetStretchBltMode
CreateFontIndirectA
glu32
gluNurbsCallback
Sections
.text Size: 27KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ