40afbb3b8f80a981e109a2df828f2d4c_JaffaCakes118 | Triage

Sharing

General

Target

40afbb3b8f80a981e109a2df828f2d4c_JaffaCakes118
Size

168KB
MD5

40afbb3b8f80a981e109a2df828f2d4c
SHA1

5220fe1f50e27d148f7a39e7fb23f9336775f83a
SHA256

d4408f415dabbb50d9e0ea2173e33b0c3cfb9cc0d5eee72b3543e673fcc1fbd2
SHA512

503ca6ccb2338fbce614376f6bb12b1a0cf1f5592d0b2e9aecbbbbce4b5b66afaf1e8ee28d623c448ca7a812b3df99b08bc117d4070717c24ecc0b00c435898a
SSDEEP

3072:+5hWSs2XC5haIvLeXixT8IQ02W1o0B6rUPx2WteXs0cFwbQUsJwlZcbRXf1Fb:+h5wb7eXixThQE7B6rU8Wte7cFdJwl0t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40afbb3b8f80a981e109a2df828f2d4c_JaffaCakes118

Files

40afbb3b8f80a981e109a2df828f2d4c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4f5f888360a1e808a29cf9db0ac99a4a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStringTypeW
CompareStringA
GetNextVDMCommand
FindFirstFileW
SetThreadPriority
GetLocalTime
FreeLibrary
LocalFileTimeToFileTime
SetEnvironmentVariableW
SetCurrentDirectoryW
GetShortPathNameW
EnumResourceNamesW
FindResourceW
FindClose
RegisterWaitForSingleObject
SetErrorMode
LoadResource
FileTimeToSystemTime
FileTimeToLocalFileTime
FindNextFileW
SystemTimeToFileTime
SearchPathW

user32

RealGetWindowClassA
ValidateRgn
SetCapture
ReleaseCapture
ExcludeUpdateRgn
ValidateRect
InvalidateRgn
GetCapture
GetUpdateRgn

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ