25ef3266401c883a10b73f801905ad73_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25ef3266401c883a10b73f801905ad73_JaffaCakes118
Size

372KB
MD5

25ef3266401c883a10b73f801905ad73
SHA1

362817f6806b5c35aba565bb33e5a990571fdc98
SHA256

dae201af6bcc574273b38f72a6c0d986f730263d26a8d43cd7b1a72a528f7edd
SHA512

e1f576b19cf0a52e68b5118271d2fcb74fc066747a04e9e58cdc24228aab41cde1e57524a4ab3bbead8f6160f4afb2311971e98a9093ac92d63bf22dd2519f03
SSDEEP

6144:bjjvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:bnvjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25ef3266401c883a10b73f801905ad73_JaffaCakes118

Files

25ef3266401c883a10b73f801905ad73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

be6394ae6a776e67ad73fb197903efce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetModuleHandleW
GlobalSize
ReleaseMutex
SetEvent
GetPrivateProfileIntW
GlobalFree
ExitThread
CreateFileW
GetTickCount
FindVolumeClose
GetDriveTypeA
GetExitCodeProcess
LocalFree
VirtualAlloc
ReadFile
CloseHandle
lstrlenA
FreeConsole
GetComputerNameW

user32

GetDlgItem
DispatchMessageA
GetKeyState
GetSysColor
GetMenu
EndDialog
CallWindowProcA
SetFocus
GetCursorInfo
GetClassInfoA
DrawStateW
CreateWindowExA
GetClientRect

clbcatq

ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
ComPlusMigrate
DllGetClassObject

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ