20c884447018eaa88cb5e1911938d835_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20c884447018eaa88cb5e1911938d835_JaffaCakes118
Size

3.2MB
MD5

20c884447018eaa88cb5e1911938d835
SHA1

82c70f5c9b7eced3f84b12c92b68910630458a2a
SHA256

30cf40d6982ef7412d34c5728f58efe4e7e5792632a88855b6232efe9eeb5b92
SHA512

1f379b2d43b939ee78b556fce0cfb71cb7df4db20879ed66b51e7ab4cb72a8dd8c05638989b167ccf15f069b9cc619a99a9f090249a6182d7a7cf36c44a5bd4d
SSDEEP

98304:yI8Gpo93Jx5RvJZ7S86DoiSm5RXseLbxeLB:NU3Jx5/76DorCqevxed

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20c884447018eaa88cb5e1911938d835_JaffaCakes118

Files

20c884447018eaa88cb5e1911938d835_JaffaCakes118
.exe windows:5 windows x86 arch:x86

674f4b74de485a9cc5805e74a1165d36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32 msvfw32

CompareStringW 3�7

Sections

.text
Size: 2.5MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SE
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ