ed25e914c5b580a9c329937c1f6d6a02_JaffaCakes118 | Triage

Sharing

General

Target

ed25e914c5b580a9c329937c1f6d6a02_JaffaCakes118
Size

156KB
MD5

ed25e914c5b580a9c329937c1f6d6a02
SHA1

f79fdca9d633b6a31ff293d4437ff60eefd829bc
SHA256

b05c0cf8333e8a12a3d06a3f0331d2b5987c01e366d757222cf271d7869ead3d
SHA512

8ab74dc5edae21eadee8304949556df608a198730c3499a13b063caa775fc91911971f04a3b22c8e7f78ab53b5062a140438b09c9af6bc4ba6caf9cc2a1d8d40
SSDEEP

3072:Gok8yWxodS+JpVjFlWtL+KbzOwLBg35WMqSTOxat5894V3uZ85JNTio3bxAtmEby:Gokk+dS+9jFZkqj3wMH5JBv2oLxAtmEW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed25e914c5b580a9c329937c1f6d6a02_JaffaCakes118

Files

ed25e914c5b580a9c329937c1f6d6a02_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f890f78611dad883b485fde922676457

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetVDMCurrentDirectories
FindResourceW
SetEnvironmentVariableW
FindNextFileW
FileTimeToLocalFileTime
LocalFileTimeToFileTime
SetThreadPriorityBoost
FreeLibrary
SystemTimeToFileTime
FindClose
SetErrorMode
EnumResourceNamesW
SetCurrentDirectoryW
GetStringTypeW
RegisterWaitForSingleObject
GetLocalTime
CompareStringA
HeapCreate
LoadResource
FindFirstFileW
GetShortPathNameW
FileTimeToSystemTime
SearchPathW

user32

InvalidateRgn
GetWindowInfo
GetCapture
ValidateRect
SetCapture
ReleaseCapture
ValidateRgn
ExcludeUpdateRgn
GetUpdateRgn

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ