40853e61d4a65f90f3de99b042310923_JaffaCakes118

General

Target

40853e61d4a65f90f3de99b042310923_JaffaCakes118
Size

225KB
MD5

40853e61d4a65f90f3de99b042310923
SHA1

abecf34a59e011d5e2bf5556ae23623a30526051
SHA256

49f012d43036f64770f89ca139ec3480687cd34867142af570ffe3baa88b7d5d
SHA512

db6ec6a1051a4668eb7b04d7281cf05968d8bc6cc7ad15a57996beee495e2c210ad82a8419170595f29a42165bba7ae78b38cc2c837cf3d6ef4f5781a7092791
SSDEEP

6144:BFHczDuAWKUvrHqh0wYb0dttkudLQi5L:LcbBh01b0dsudLQi5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40853e61d4a65f90f3de99b042310923_JaffaCakes118

Files

40853e61d4a65f90f3de99b042310923_JaffaCakes118
.exe windows:5 windows x86 arch:x86

857d191c4d9993bce243edd4be5cd318

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
DeviceIoControl
DisableThreadLibraryCalls
FormatMessageA
GetComputerNameW
GetLastError
GetLocalTime
GetProcessHeap
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
CloseHandle
HeapAlloc
HeapFree
HeapReAlloc
QueryDosDeviceW
ReleaseMutex
ReleaseSemaphore
ResumeThread
CreateEventA
CreateFileA
SetEvent
CreateFileW
Sleep
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjects
WaitForSingleObject
CreateMutexA
CreateSemaphoreA

user32

IsCharAlphaA
IsCharAlphaW
wsprintfA

ole32

CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoCreateInstance
CoImpersonateClient
CoInitialize
CoInitializeSecurity
CoRegisterClassObject
CoRevertToSelf
CoRevokeClassObject
CoTaskMemAlloc

advapi32

GetLengthSid
IsValidSid
CopySid

shell32

CommandLineToArgvW

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

857d191c4d9993bce243edd4be5cd318

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

advapi32

shell32

Sections

.text Size: 156KB - Virtual size: 156KB

.rdata Size: 30KB - Virtual size: 30KB

.data Size: 17KB - Virtual size: 33KB

.reloc Size: 10KB - Virtual size: 12KB

.rsrc Size: 10KB - Virtual size: 12KB

.text
Size: 156KB - Virtual size: 156KB

.rdata
Size: 30KB - Virtual size: 30KB

.data
Size: 17KB - Virtual size: 33KB

.reloc
Size: 10KB - Virtual size: 12KB

.rsrc
Size: 10KB - Virtual size: 12KB