Static task
static1
Behavioral task
behavioral1
Sample
40ce8273dcf3ab7b8755986b8635f61e_JaffaCakes118.exe
Resource
win7-20240215-en
General
Target
40ce8273dcf3ab7b8755986b8635f61e_JaffaCakes118
Size
124KB
MD5
40ce8273dcf3ab7b8755986b8635f61e
SHA1
ec9015fd2cd81d72fbd5574bf428bd9cf50e433c
SHA256
30ea181a66bd17233fe6e858e0f0ac1bb559c7795620b511eded7a09f2250c6b
SHA512
10e7a254f05f3eaada3df5c2a833424189173703d47d5eeb1ed5de5a3e25a05e2a8c9993c41f96e7da55d8574cad1eca358c19181f0f56f5f2559a9e64a679e8
SSDEEP
3072:4KvLIUxfzutZdcufiHMlSPfyEPpUWDzX:RvsUxytZdcuKsoPf
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 40ce8273dcf3ab7b8755986b8635f61e_JaffaCakes118
Files
40ce8273dcf3ab7b8755986b8635f61e_JaffaCakes118.exe windows:5 windows x86 arch:x86
0a1290151cc0735db49be8e25e6821b2
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptVerifySignatureW
SetSecurityAccessMask
RegCloseKey
CryptSetKeyParam
user32
GetClipboardSequenceNumber
UserHandleGrantAccess
DdeAbandonTransaction
GetClipboardData
GetCapture
MapWindowPoints
GetCursorInfo
UnhookWinEvent
GetWindowThreadProcessId
winmm
OpenDriver
kernel32
CloseHandle
GetTickCount
FillConsoleOutputAttribute
GetEnvironmentStringsW
LockFileEx
SetEvent
WritePrivateProfileStringW
FormatMessageA
GetThreadContext
GetSystemTimeAsFileTime
GetThreadId
GetCurrentThread
SetProcessPriorityBoost
gdi32
Pie
CreateEllipticRgn
GdiGetBatchLimit
PolyPolygon
msacm32
acmFormatEnumW
winspool.drv
AddMonitorW
Sections
.text Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 48KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ