20452fcf86d4d4d2055dac489b4605ee_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20452fcf86d4d4d2055dac489b4605ee_JaffaCakes118
Size

85KB
MD5

20452fcf86d4d4d2055dac489b4605ee
SHA1

8b6b5d092cb3e72f319d78d1d3b51ef7f9eacf94
SHA256

fb561961b1e395edf504d758b55c5e05c42a5c9f3fe6baaf05efc9b740c5113a
SHA512

31cb53ff5c636467c0c6f7a79792b0ea5f0e3dcc18de83ff978258c8d3bd1114da050e1ff06d4c6556410053aefe6e8ba925409b420e97e85d1a6acec0c06569
SSDEEP

1536:JhYpUPz6fJMNkcMmcqGf6NGB3XcCoNf2zsURQybxcprBvgLTYDQF0QkhP:U6raMN180GRUf2zsURQybxcprBvgLTYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20452fcf86d4d4d2055dac489b4605ee_JaffaCakes118

Files

20452fcf86d4d4d2055dac489b4605ee_JaffaCakes118
.exe windows:5 windows x86 arch:x86

d18b1cbb4d92dd9bd6d52bb9d1bb276f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

advapi32

RegOpenKeyExW

ole32

CoCreateGuid

Sections

.MPRESS1
Size: 31KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE