b20fcfe74e2604572b2ccff85b36e79a_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b20fcfe74e2604572b2ccff85b36e79a_JaffaCakes118
Size

11KB
MD5

b20fcfe74e2604572b2ccff85b36e79a
SHA1

310ef7e7b8b20c02d37881953cf0ab551021e203
SHA256

da8594086ed8132ba7a22110b0c49bd2bc4c6d3c4a0a8d230792c0b7fd562b44
SHA512

4a041940219a69e3ec61fc3cb06f489b21cb24cc58765a24508992482284fd0e3376ff73f6c7b9755134dd8631dd9adda9a19972ba24a34f6ffe260f0649e277
SSDEEP

192:8SoByeRdKHtRjW/YB1SPKeY79IJAVI8ei4hDOvka82cESWS:8vBfmB7v79IxioDOvkRESWS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b20fcfe74e2604572b2ccff85b36e79a_JaffaCakes118

Files

b20fcfe74e2604572b2ccff85b36e79a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cd1ee3520d97cae3a192d121afab04d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
lstrcpyA
ExitProcess
GetModuleHandleA
GetCommandLineA
CloseHandle
DeleteFileA
RemoveDirectoryA
CreateProcessA
SetCurrentDirectoryA
lstrlenA
GetExitCodeProcess
WaitForSingleObject
GlobalFree
GlobalAlloc
LoadLibraryA
FreeLibrary
GetProcAddress
GetLocaleInfoA
GetSystemDefaultLCID
GetVolumeInformationA
GetWindowsDirectoryA
Sleep
GetTickCount
lstrcatA
GetTempPathA
GetProcessHeap
HeapAlloc

user32

CharUpperA
wsprintfA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ