40f065535f08c8b6008191f9149fcdda_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

40f065535f08c8b6008191f9149fcdda_JaffaCakes118
Size

31KB
MD5

40f065535f08c8b6008191f9149fcdda
SHA1

89ae1e6ecc67afe1cba89bd7cfefd247b5d80cbd
SHA256

4996b1a7476376a76e06eb494da9fc9e0b4b4a2cd94ad5f0de6246315224bcf2
SHA512

2ac70ac71ced5cd73920043873292e50e846bd6c799d124452c5b77cfa1c9ac46a67d6856ea0b4803e45950b3e4f3fd75f9d37d6982db0c52f01c5a55e2c2baf
SSDEEP

384:fjPMxNBg2GgbkOWROxTmn2dwzCL291cpUokGkrmf0aGa6Ae:f7MxNBgHskNQ/c4UokhrO0aGa6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40f065535f08c8b6008191f9149fcdda_JaffaCakes118

Files

40f065535f08c8b6008191f9149fcdda_JaffaCakes118
.exe windows:6 windows x86 arch:x86

b064b2b7b701a47bc8401d575adffd40

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Request_Device_EjectW
CM_Get_Parent
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList

kernel32

SetUnhandledExceptionFilter
GetModuleHandleW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
CreateFileA
CreateFileW
GetDriveTypeW
QueryDosDeviceW
CloseHandle
GetLastError
DeviceIoControl
Sleep
FormatMessageW
UnhandledExceptionFilter
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter

vcruntime140

memset
_except_handler4_common
wcsstr

api-ms-win-crt-string-l1-1-0

wcsnlen

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fflush
__acrt_iob_func
__p__commode
__stdio_common_vfwprintf_s

api-ms-win-crt-runtime-l1-1-0

_set_app_type
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
_seh_filter_exe
_exit
terminate
__p___argc
__p___wargv
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_controlfp_s
exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b064b2b7b701a47bc8401d575adffd40

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

vcruntime140

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-heap-l1-1-0

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 2KB

.gfids Size: 512B - Virtual size: 32B

.rsrc Size: 18KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 560B

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 32B

.rsrc
Size: 18KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 560B