20dee9884d4ab56c2e27e92f4cba3fc7_JaffaCakes118

General

Target

20dee9884d4ab56c2e27e92f4cba3fc7_JaffaCakes118
Size

173KB
MD5

20dee9884d4ab56c2e27e92f4cba3fc7
SHA1

b47dbbb0de8db71db3929f365fc3b1cf117852e6
SHA256

59f8ffd7aea43b794850ef1206db19ba00786d343e3725bdd906d988ab12cf3e
SHA512

57ddd0ca67b92733f0511c3570dda392cf0f7391c6c5c463b92487469fb85991a05f603fb7ea99ab547720e9ad346e3220a995123ce1bcd1ddef2a742643ef30
SSDEEP

3072:k+ieR00Re3l6kUcp8u4R3ZV1p4p4M6E9YuZKSvUSbMWfb8X:BiO00RKlNIZV/Y+S/bM+b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20dee9884d4ab56c2e27e92f4cba3fc7_JaffaCakes118

Files

20dee9884d4ab56c2e27e92f4cba3fc7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f017b8047b0b5866b174529f35377b84

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

shell32

SHCreateDirectoryExW
SHFileOperationW
SHGetFolderPathW

advapi32

RegCreateKeyExW
RegCloseKey
RegSetValueExW

rpcrt4

UuidCreate

user32

GetClassLongA
MessageBoxW

kernel32

RaiseException
IsDebuggerPresent
GetCurrentDirectoryW
GetThreadPriority
GetLastError
HeapReAlloc
InterlockedIncrement
GetModuleFileNameW
GlobalAlloc
LCMapStringW
ReadFile
Sleep
LeaveCriticalSection
GetProcessHeap
PurgeComm
GetUserDefaultLCID
GetProcAddress
EnterCriticalSection
GetVersionExA
SetStdHandle
WideCharToMultiByte
LCMapStringA
GetCurrentThreadId
IsValidLocale
SetUnhandledExceptionFilter
EnumResourceNamesA
WriteFile
UnhandledExceptionFilter
WriteConsoleW
GetModuleHandleA
GetConsoleOutputCP
RtlUnwind
CreateFileA
SetEndOfFile
EnumSystemLocalesA
GetFullPathNameW
MultiByteToWideChar
GetCurrentProcess
DeleteCriticalSection
GetCPInfo
ExitProcess
InterlockedDecrement
GetLocaleInfoW
IsValidCodePage
WriteConsoleA
CloseHandle
HeapAlloc
TerminateProcess
GetCommandLineA
ExitProcess
InitializeCriticalSection
HeapSize
HeapFree
GetFullPathNameA

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 512B - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f017b8047b0b5866b174529f35377b84

Headers

File Characteristics

Imports

shell32

advapi32

rpcrt4

user32

kernel32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 29KB - Virtual size: 29KB

.crt Size: 512B - Virtual size: 216KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 29KB - Virtual size: 29KB

.crt
Size: 512B - Virtual size: 216KB