40a85a2717e1779544e6f0aa5a28ae75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

40a85a2717e1779544e6f0aa5a28ae75_JaffaCakes118
Size

60KB
MD5

40a85a2717e1779544e6f0aa5a28ae75
SHA1

92b8ae64c9a9075fcaef108023c4d8c33b76af0a
SHA256

15f2ef4f802cb9671c1a58c706ce473c621ad3665925ef603ef11c707664f009
SHA512

b69c068dafe67a6297aad1cfd501047c13f83e8971409c2312a9cb0483f052114b34ac65aa56b27f3d26cb20c6f4252cf4b1144a32586f1b6cf271854f0e4196
SSDEEP

1536:alCME5I8ghwuqJVLS6h0jDKnPWJpTYgHNlJsviQw:aUMEC8ghwuqJVOd/Kn4p9HNluw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a85a2717e1779544e6f0aa5a28ae75_JaffaCakes118

Files

40a85a2717e1779544e6f0aa5a28ae75_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0eea16ed2d2a813083bf354df13cabef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
BeginUpdateResourceW
CallNamedPipeA
CommConfigDialogW
CreateNamedPipeW
DeleteCriticalSection
DeviceIoControl
EnumDateFormatsA
EnumSystemLocalesW
ExitProcess
GetAtomNameW
GetNumberFormatA
GetProcessAffinityMask
GetProcessVersion
GetStringTypeExA
GetSystemDefaultLCID
GlobalLock
GlobalWire
InitializeCriticalSection
OpenMutexA
ReadConsoleOutputCharacterW
SetHandleCount
SetThreadPriority
SetThreadPriorityBoost
WaitCommEvent
WritePrivateProfileStructA

advapi32

AdjustTokenPrivileges
BuildSecurityDescriptorA
CreateServiceW
CryptGetDefaultProviderA
CryptHashData
DeleteService
GetMultipleTrusteeOperationA
GetTrusteeTypeW
LookupPrivilegeNameW
ObjectOpenAuditAlarmA
OpenEventLogA
OpenThreadToken
QueryServiceConfigW
ReadEventLogA
RegEnumValueW
RegSetValueExW
RegisterServiceCtrlHandlerW
SetEntriesInAccessListA
SetSecurityDescriptorSacl
StartServiceCtrlDispatcherA

user32

CallMsgFilterW
CascadeChildWindows
ChangeDisplaySettingsExW
DdeConnect
DrawAnimatedRects
EnumPropsExA
GetCursorInfo
GetGuiResources
GetMenuDefaultItem
GetMenuItemCount
GetMessageA
InsertMenuA
IsDialogMessageA
IsIconic
LoadCursorA
LoadStringA
ModifyMenuA
ScrollWindow
SetRectEmpty
TrackPopupMenu
UnhookWindowsHook

gdi32

AddFontResourceA
BeginPath
CloseFigure
CreateBitmapIndirect
CreateDIBPatternBrushPt
CreateHatchBrush
EnumObjects
ExtFloodFill
FillRgn
FloodFill
GetCurrentObject
GetEnhMetaFileDescriptionA
GetKerningPairs
GetMetaFileA
GetPath
GetSystemPaletteUse
GetTextCharacterExtra
GetTextExtentExPointW
GetTextFaceW
GetWorldTransform
InvertRgn
LPtoDP
PatBlt
PolyTextOutA
Rectangle
SelectPalette
SetDIBits
StartDocA
TextOutW

Sections

.text
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eea16ed2d2a813083bf354df13cabef

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Sections

.text Size: 4KB - Virtual size: 16KB

.data Size: 52KB - Virtual size: 52KB

.idata Size: - Virtual size: 8KB

.rsrc Size: - Virtual size: 12KB

.text
Size: 4KB - Virtual size: 16KB

.data
Size: 52KB - Virtual size: 52KB

.idata
Size: - Virtual size: 8KB

.rsrc
Size: - Virtual size: 12KB