b1fe8b91c6e9a87a6c9fcac8c4479409_JaffaCakes118 | Triage

Sharing

General

Target

b1fe8b91c6e9a87a6c9fcac8c4479409_JaffaCakes118
Size

54KB
MD5

b1fe8b91c6e9a87a6c9fcac8c4479409
SHA1

78ee8f3b9eabf9654dbbe9e6af85e57d531111cb
SHA256

44a9f0ec572bc7c7b08484dd32785f8bd9d0b5e128ec928cbdbbd493b0814fec
SHA512

54f78b6d5b478c44cbe3369c4192a551fe4547a407ce46a4bcee6699938b0c5ded628de2f6f29313af1f674e8f98d2429d0fd24f0ba870a4c6baec05c4170851
SSDEEP

768:ncfLI8wosPTbBZwbIrdLqdzXi+AR1MzaoQA7yJoi9U1Kyk0NDbYAjZWPpCH:cTI8WB6G4i1R1q5xyJoiWa0VEAjIP0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1fe8b91c6e9a87a6c9fcac8c4479409_JaffaCakes118

Files

b1fe8b91c6e9a87a6c9fcac8c4479409_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2cc66e52f7454bb45d6c7db706d5b736

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocalTime
GetModuleFileNameW
GetVersionExW
HeapAlloc
SetFileTime
WaitForSingleObject
WideCharToMultiByte
lstrcpyA
lstrlenW

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfA
wvnsprintfW

user32

FindWindowExA

Sections

.text
Size: 44KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ