EapVPlahpcwoS55u0CV.pdb
Static task
static1
Behavioral task
behavioral1
Sample
40c9b023681cabf01f86886fc59b8c09_JaffaCakes118.exe
Resource
win7-20240221-en
General
-
Target
40c9b023681cabf01f86886fc59b8c09_JaffaCakes118
-
Size
212KB
-
MD5
40c9b023681cabf01f86886fc59b8c09
-
SHA1
ce99d125e176ec96e972c1db7cba359a5e25d860
-
SHA256
0f40a7511bdedc1a866afc3a91e1abf51476f54975d57a4b9f39c24005fe175e
-
SHA512
735e777d1376363e8ad3a62cdecc45c7d229eff700ab81ee1fd2cfd5d55316dc17547b3461ff4371338f9b6c6c0eb715ebceca6d5102e9ada4ef6e980e76ca98
-
SSDEEP
1536:onobv2Ld9mUSQmPQtKJWC1XBmbjp3JzAtbs:o0vKZSQ4yKQC1XUbjp56b
Malware Config
Signatures
-
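Unsigned PE (1 IoC)
Static check: the PE file carries no Authenticode signature, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many legitimate binaries are also unsigned.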
resource 40c9b023681cabf01f86886fc59b8c09_JaffaCakes118
Files
-
40c9b023681cabf01f86886fc59b8c09_JaffaCakes118.exe windows:5 windows x86 arch:x86
40168a02468df9bd64fee73ffe50538f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_SYSTEM
PDB Paths
EapVPlahpcwoS55u0CV.pdb
Imports
gdi32
GetStockObject
GetPixel
winspool.drv
GetPrinterDriverW
wininet
GetUrlCacheEntryInfoExW
user32
GetPriorityClipboardFormat
IsWindowEnabled
LoadMenuA
DrawTextExW
kernel32
GetThreadId
GetTickCount
GetVersion
GetUserDefaultLCID
GlobalFlags
GetStringTypeW
GetUserGeoID
GetSystemDirectoryA
FlushInstructionCache
FileTimeToSystemTime
Sections
.text Size: 96KB - Virtual size: 94KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 96KB - Virtual size: 95KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ