0c20ead7aeaddf7a101aa855cfc5d6bc_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0c20ead7aeaddf7a101aa855cfc5d6bc_JaffaCakes118
Size

187KB
MD5

0c20ead7aeaddf7a101aa855cfc5d6bc
SHA1

0f5c4fab67fa3e23e242eebbf4a60743a9d5e73d
SHA256

80bdef7c879c4c5d3faa93b7cb34a48c69ffde7fb5b74851e7b3ab795cd1d2f5
SHA512

05b2b785053342522aa09dd5f6420fdb04dc7b7c914329ad49b903671cd73150c7d6d794172a55bfc1561a9df463a687e3b24f01dfd85e75ccc81aee63935a4e
SSDEEP

3072:SgK/FhVcTas9hApPZSK/FhVcTas9hApPZO:xOFhgOFhY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c20ead7aeaddf7a101aa855cfc5d6bc_JaffaCakes118

Files

0c20ead7aeaddf7a101aa855cfc5d6bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ