25a56e852da5a19e01db5ebd4225611d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

25a56e852da5a19e01db5ebd4225611d_JaffaCakes118
Size

258KB
MD5

25a56e852da5a19e01db5ebd4225611d
SHA1

7d94b4c958384813b2eb0e01fc992c8a635795e7
SHA256

1237ad103e3a392867e158930f958768ca68e897954889df40f4cd5237f61eb7
SHA512

dc1dcf1e8496c938b0a2d04db1fef0c0204f359734b81dc951295928f1222bbe1aecf4db0899bdebf4c50535857dae699d90be2bf9ae3a1e9ccdc8ee454f370f
SSDEEP

6144:bYHdq0nY6nRFRhR/W5ATVpKRmgzLUuZbeOE5Vr3:bYHdq0nY6vRhR/WyTVpK/zLU25Efr3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25a56e852da5a19e01db5ebd4225611d_JaffaCakes118

Files

25a56e852da5a19e01db5ebd4225611d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c6a119d72213992b8929fceed04291fe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
SetFilePointer
LoadLibraryExA
LocalAlloc
WriteFile
WideCharToMultiByte
SetEndOfFile
SetThreadLocale
SetHandleCount
VirtualAllocEx
LocalFree
ResetEvent
LoadLibraryA
GetVersionExA
GetLastError
MoveFileA
GetCommandLineW
lstrcpyA
VirtualQuery
lstrcatA
LocalReAlloc
IsBadHugeReadPtr
GlobalAlloc
HeapDestroy
GetCommandLineA
ExitProcess
MoveFileExA
GetModuleHandleA
GetProcAddress
MulDiv
lstrlenW
SetEvent
lstrcpynA
IsBadReadPtr
lstrcmpA

user32

GetMenuState
InsertMenuItemA
InvalidateRect
IsWindow
GetSystemMenu
GetKeyboardLayoutNameA
GetLastActivePopup
GetClipboardData
GetMenu
GetKeyboardLayoutList
GetDC
InflateRect
GetParent
GetWindowRect
GetScrollPos
GetCursorPos
IsDialogMessageW
GetPropA
GetDCEx
GetSysColor
GetMessagePos
GetTopWindow

gdi32

BitBlt
CreateBitmap
CopyEnhMetaFileA

Sections

CODE
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES72
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES78
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES54
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES91
Size: 1024B - Virtual size: 967B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES28
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES25
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RES23
Size: 1024B - Virtual size: 675B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.RES71
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6a119d72213992b8929fceed04291fe

Headers

File Characteristics

Imports

kernel32

user32

gdi32

Sections

CODE Size: 81KB - Virtual size: 81KB

.data Size: 159KB - Virtual size: 159KB

.RES72 Size: 2KB - Virtual size: 1KB

.RES78 Size: 2KB - Virtual size: 2KB

.RES54 Size: 1KB - Virtual size: 1KB

.RES91 Size: 1024B - Virtual size: 967B

.RES28 Size: 2KB - Virtual size: 1KB

.RES25 Size: 2KB - Virtual size: 1KB

.RES23 Size: 1024B - Virtual size: 675B

.RES71 Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 81KB - Virtual size: 81KB

.data
Size: 159KB - Virtual size: 159KB

.RES72
Size: 2KB - Virtual size: 1KB

.RES78
Size: 2KB - Virtual size: 2KB

.RES54
Size: 1KB - Virtual size: 1KB

.RES91
Size: 1024B - Virtual size: 967B

.RES28
Size: 2KB - Virtual size: 1KB

.RES25
Size: 2KB - Virtual size: 1KB

.RES23
Size: 1024B - Virtual size: 675B

.RES71
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB