40458cd378f829c1590f0268d7dabce2_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40458cd378f829c1590f0268d7dabce2_JaffaCakes118
Size

116KB
MD5

40458cd378f829c1590f0268d7dabce2
SHA1

e475d51bd26502376409cc154a1d9751719da17e
SHA256

16123216996097b35157da86bee59e10916973a626ff7850e8f9157f63e96e70
SHA512

285d3210e4bbdcdba71e897cd52601dbc9b4a91ff087a73654da1707f36642fa4965b3f7ea35bf579655a3d760e291ef90c1539ac591c5ecc566de950778a7a0
SSDEEP

1536:nW2JhZ/FKwtl92Jld6nWi2ojEvEKK0NemI0dqLzTwfm5+Z0Ec3C:/JRD4J2nWil4MD6emzpfm5+SEX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40458cd378f829c1590f0268d7dabce2_JaffaCakes118

Files

40458cd378f829c1590f0268d7dabce2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

942ae3b98cd274c2d9f22bee2f74c0b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WritePrivateProfileStructA
ReadConsoleOutputCharacterA
ExitProcess
FreeEnvironmentStringsA
SetConsoleTitleA
GetCommandLineW
LockFile
SetEnvironmentVariableA
GetVolumePathNameA
VirtualAllocEx
GetCurrentProcess
WriteConsoleInputA
GetPrivateProfileSectionNamesW

user32

SetProcessWindowStation
AdjustWindowRectEx
LoadCursorFromFileA
LoadBitmapA
GetWindowTextA
CreateWindowStationA
ShowStartGlass
SetScrollRange
GetMonitorInfoA
InvalidateRect
BlockInput
LockSetForegroundWindow

gdi32

SetBoundsRect
PolyTextOutA

Sections

.text
Size: 104KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 704B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ