20dee58caa38c37d336e50c77120e899_JaffaCakes118 | Triage

Sharing

General

Target

20dee58caa38c37d336e50c77120e899_JaffaCakes118
Size

22KB
MD5

20dee58caa38c37d336e50c77120e899
SHA1

cbe23ae14d79ff2b4d82989e176c910ec0cf4a8b
SHA256

a2efdc82607b9b0159e286ec6015a5e7b7b37ce7bdae630bd343861e465a4421
SHA512

91c275992769e8da20d68dda6626e03f11121d6f4cee35b56090bb625a4c54edec2271fd656959df091bed5b9ace0b7071288ceb3dc13a298049b1b0a19ee923
SSDEEP

192:j/H2Xn+BjUqWamfSA+pfSGlYJdvV7zpANO3yyzGRalcvuHEBfAMLCD8RM:EnGWamfSA+l7lmRCNOBCQlcGHEBfAFom

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20dee58caa38c37d336e50c77120e899_JaffaCakes118

Files

20dee58caa38c37d336e50c77120e899_JaffaCakes118
.exe windows:4 windows x86 arch:x86

660c00620810528539420ea779dd6c15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CloseServiceHandle
CreateServiceA
OpenSCManagerA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

kernel32

AddAtomA
CloseHandle
CopyFileA
CreateFileA
ExitProcess
FindAtomA
GetAtomNameA
GetDriveTypeA
GetLogicalDriveStringsA
GetModuleFileNameA
GetProcAddress
GetSystemDirectoryA
GlobalAlloc
GlobalFree
LoadLibraryA
LocalAlloc
LocalFree
SetFileAttributesA
SetUnhandledExceptionFilter
Sleep
WriteFile
lstrcatA
lstrlenA

msvcrt

__getmainargs
__p__environ
__p__fmode
__set_app_type
_cexit
_iob
_onexit
_setmode
abort
atexit
fflush
fprintf
free
malloc
signal

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 176B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE