JaffaCakes118_25450849d2cf016dcdda97abeae2288b | Triage

Sharing

General

Target

JaffaCakes118_25450849d2cf016dcdda97abeae2288b
Size

204KB
MD5

25450849d2cf016dcdda97abeae2288b
SHA1

7db9882a46173d7c61b88ef741e5dfd280f74ed5
SHA256

d9b256faf828ea5585227841cfe8d384774fbac5e5e55b0dad5125d3af86e9ed
SHA512

9d159f57a3d24d268b5d49652294f9fbc87e5ad935651987cb5ba21694964d9ea78a8eb49dbbf3310a8fe0f2e9805e2488d49b2d32f63c83d44dd5b76a27e41a
SSDEEP

3072:njAqi+TogitjfCqObAjYxxNO9WYSRTFDDr7oA3qZ8PoIW2j6e:njAtbljO0jyNvFDMA3qKoLe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_25450849d2cf016dcdda97abeae2288b

Files

JaffaCakes118_25450849d2cf016dcdda97abeae2288b
.exe windows:4 windows x86 arch:x86

cac258f4179f8e49c8affc0b12d887e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

GetFocus
IsChild
RegisterClassExA
GetClientRect
BeginPaint
UnregisterClassA
IsWindow
PtInRect
EndPaint
IntersectRect
GetParent
CallWindowProcA
GetKeyState
RealGetWindowClassA
UnionRect
InvalidateRect
SetFocus
CreateWindowExA

kernel32

HeapReAlloc
CreateFiber
GetSystemInfo
GetLocaleInfoA
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetACP
ResumeThread
LoadLibraryA
EnumResourceNamesA
InterlockedCompareExchange
VirtualFree
VirtualQuery
ExitProcess
HeapAlloc
VirtualProtect
GetProcAddress
VirtualAlloc
HeapSize
IsProcessorFeaturePresent
SetThreadPriority
HeapDestroy
RtlUnwind
TerminateProcess
WriteFile

setupapi

SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ