20edfea758ab4f9f7ee88e96716b8b25_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20edfea758ab4f9f7ee88e96716b8b25_JaffaCakes118
Size

84KB
MD5

20edfea758ab4f9f7ee88e96716b8b25
SHA1

25fa7921d95a5eec15a6b49ea9a58fff1e40d941
SHA256

830a1b1b7b5843cb9bfe119349d24a754bbc3c1e1bfeed25f8fbd033129ca3fa
SHA512

e91dc7c12811b568a77b5f0a4960a156e132f08ae782040cb10aa9fce3bd1172e25b28ff76c2be33a33cafdfa48987b923f9e0f1dd50fb9bc75e240aecc2b715
SSDEEP

1536:YKJ5f71pvENRXWczCCPWxkzdxBt8ZJ1Eza8UecuNH:95fTEnzxPWxkLBk1V8UecIH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20edfea758ab4f9f7ee88e96716b8b25_JaffaCakes118

Files

20edfea758ab4f9f7ee88e96716b8b25_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5efba21499c1de446a3185058508efdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fclose
malloc
_exit
fread
_XcptFilter
_initterm
fopen
_adjust_fdiv
__setusermatherr
fwrite
strlen
__set_app_type
sin
free
_onexit
exit
strcmp
_except_handler3
fseek
_acmdln
__getmainargs
printf

kernel32

GetModuleHandleW
Sleep

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 572B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ