40aa7b7710e06cb2e5042a4ca93d94d3_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

40aa7b7710e06cb2e5042a4ca93d94d3_JaffaCakes118
Size

258KB
MD5

40aa7b7710e06cb2e5042a4ca93d94d3
SHA1

4dd08e14b0a0e9cfb5858613d6195f8c26db6c04
SHA256

7a14eb069c5c21dcd6d4b1311e0b476a8b58ed9b7c64b9baf95387e764416d62
SHA512

ff5eac3c2e67715dc4db9b40575ad175ef40de138b7ba7926f397ce65d35bc3e6c2386e80d242fee7394d9966a013e15ae7b81086e45fe53419e71a10c92e31c
SSDEEP

6144:BErxUbkVU7Tfu6W/i5+kFvU+sOpY0NtjGD:BEGQVU7TIu+kKUtNtSD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40aa7b7710e06cb2e5042a4ca93d94d3_JaffaCakes118

Files

40aa7b7710e06cb2e5042a4ca93d94d3_JaffaCakes118
.exe windows:6 windows x86 arch:x86

4e6e62fd88499951c3ab49c565b3c786

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStdHandle
VirtualFree
SetStdHandle
GetStartupInfoW
LocalFree
VirtualAlloc
CloseHandle
GetTickCount

Sections

.text
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 588KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ