b1c200c599ad74d500380628e3c2d381_JaffaCakes118 | Triage

Sharing

General

Target

b1c200c599ad74d500380628e3c2d381_JaffaCakes118
Size

64KB
MD5

b1c200c599ad74d500380628e3c2d381
SHA1

00f412c6a7f895ecfa9fb92206ab687fe2414c0c
SHA256

57fdbd23e8e62e32a1aed8b49ee37af7b2dc53648d5fa0b5ba9dc5b897342490
SHA512

720de7c329ed8a8c9187d8950707d29cc6bd157d68df1209a5254ce4e7a6c6a421368451e02160d267c61f7e9cbbb3c6c8fb2ad094fa3ef4723fcd96a3171815
SSDEEP

1536:lsiKRK0t8ninFH7wxsW9UhVJO9vU1ZYt2kU1woqb:hKRK0cinMsIU1O2Ut2kU1w5b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1c200c599ad74d500380628e3c2d381_JaffaCakes118

Files

b1c200c599ad74d500380628e3c2d381_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d24fff2e786b9850dfc51067491fb68d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateProcessA
ExitProcess
FindFirstFileA
GetACP
GetCommandLineA
GetConsoleMode
GetCurrentProcessId
GetFileType
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemTimeAsFileTime
GlobalReAlloc
HeapAlloc
HeapCreate
HeapReAlloc
HeapSize
InterlockedDecrement
IsBadStringPtrA
LeaveCriticalSection
LocalFree
MultiByteToWideChar
OpenProcess
ResetEvent
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
VirtualQueryEx
lstrcatA
lstrcmpA
lstrcpynA

user32

SetWindowPos
SetPropA
SetClassLongA
RedrawWindow
GetWindowLongA
GetWindowDC

ole32

StringFromGUID2
CoTaskMemAlloc
CoCreateInstance

oleaut32

SafeArrayAllocData
RevokeActiveObject
RegisterTypeLi

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ