40a9337b58dcb63a88105ad2da432b61_JaffaCakes118 | Triage

Sharing

General

Target

40a9337b58dcb63a88105ad2da432b61_JaffaCakes118
Size

56KB
MD5

40a9337b58dcb63a88105ad2da432b61
SHA1

c173c5e1308ad3dc1fc70084a3cce1bd71e876c3
SHA256

1daf1c4b80ab1603e65f53cc7aba70dedb5b16145939330919a1ed7f29eef03b
SHA512

bfab42e8da31b91674572153d448fad7a8d6af8be2bbc4dc279b2318fdc48d10fd1f721ead4a23a4861651acc55d625d9f57c6189e092cbf3f0f9e40768ec9e1
SSDEEP

1536:DnOxcYFJdxPGqayus8X6/o/kJGuijFToFcL:iqYFVPGJKpGOcL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40a9337b58dcb63a88105ad2da432b61_JaffaCakes118

Files

40a9337b58dcb63a88105ad2da432b61_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b2d18af34bd0c81b8dce2f31e99f7c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DebugActiveProcessStop
CreateThread
CopyFileExW
GetDriveTypeA
ShowConsoleCursor
FindNextVolumeMountPointA
SetLocalPrimaryComputerNameA
GlobalSize
EnumCalendarInfoW
CreateActCtxW
QueryDosDeviceA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE