25d5d600fb44a571b973315777fdd2e8_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25d5d600fb44a571b973315777fdd2e8_JaffaCakes118
Size

150KB
MD5

25d5d600fb44a571b973315777fdd2e8
SHA1

1b6532895a7c76fa777de4b0b6ad77444d6ac492
SHA256

b86ac75cdb9b3748f7a9540f5441d1c56e10e43ea3b371689e3bab77b900e95a
SHA512

c83c39607387610271e0b7ced57b126b5d3430953039e2fbd72295e59209b798d8809e23e100237233552072b4024773adfeb31134e2488aba788665bc28741a
SSDEEP

3072:hDE74wfRtZv8yMQic3btpbF4HmXsP/8/vOwYluDXgLaR7:g4wfRjv5Gc3btdvw/22w6QgLal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25d5d600fb44a571b973315777fdd2e8_JaffaCakes118

Files

25d5d600fb44a571b973315777fdd2e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ee8bbcf7a9715c469de570a76731ac31

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
GetOEMCP
SetConsolePalette
GetStdHandle
VirtualAlloc
WriteProfileStringA
CloseHandle
RaiseException
GlobalAddAtomA
HeapCreate
LoadLibraryExA
LocalFree
DeleteAtom
GetLastError
lstrcat
EnterCriticalSection
GlobalFree
GlobalUnlock
SetCommBreak
GlobalAddAtomA
IsBadCodePtr

user32

BeginPaint
GetWindowTextLengthA
CloseWindow
EndPaint
GetFocus
GetForegroundWindow
GetWindow
DrawEdge
ShowWindow
GetDC
ReleaseDC
GetWindowTextA
ValidateRect
IsIconic
GetActiveWindow
GetClassInfoExA
AlignRects
GetParent
GetClassNameA

wsock32

WSAAsyncGetServByPort
WSACleanup
WSAStartup
WSASetBlockingHook
WSAGetLastError

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ